840Dsl 828D OPCUA Config Man 1218 en-US

Preface
Introduction 1
Safety notes 2
SINUMERIK
Setting up of OPC UA server 3
SINUMERIK 840Dsl/828D
SINUMERIK Access MyMachine / 4
User administration
OPC UA
Functionality 5
Configuration Manual
Diagnostics 6
Update of OPC UA server 7
Technical data 8
Exceptions: 828D / V4.5 9
Trouble shooting 10
Valid for:
OPC UA server Version 2.2
12/2018
6FC5397-1DP41-0BA2
Legal information
Warning notice system
This manual contains notices you have to observe in order to ensure your personal safety, as well as to prevent
damage to property. The notices referring to your personal safety are highlighted in the manual by a safety alert
symbol, notices referring only to property damage have no safety alert symbol. These notices shown below are
graded according to the degree of danger.
DANGER
indicates that death or severe personal injury will result if proper precautions are not taken.
WARNING
indicates that death or severe personal injury may result if proper precautions are not taken.
CAUTION
indicates that minor personal injury can result if proper precautions are not taken.
NOTICE
indicates that property damage can result if proper precautions are not taken.
If more than one degree of danger is present, the warning notice representing the highest degree of danger will be
used. A notice warning of injury to persons with a safety alert symbol may also include a warning relating to property
damage.
Qualified Personnel
The product/system described in this documentation may be operated only by personnel qualified for the specific
task in accordance with the relevant documentation, in particular its warning notices and safety instructions. Qualified
personnel are those who, based on their training and experience, are capable of identifying risks and avoiding
potential hazards when working with these products/systems.
Proper use of Siemens products
Note the following:
WARNING
Siemens products may only be used for the applications described in the catalog and in the relevant technical
documentation. If products and components from other manufacturers are used, these must be recommended or
approved by Siemens. Proper transport, storage, installation, assembly, commissioning, operation and
maintenance are required to ensure that the products operate safely and without any problems. The permissible
ambient conditions must be complied with. The information in the relevant documentation must be observed.
Trademarks
All names identified by ® are registered trademarks of Siemens AG. The remaining trademarks in this publication
may be trademarks whose use by third parties for their own purposes could violate the rights of the owner.
Disclaimer of Liability
We have reviewed the contents of this publication to ensure consistency with the hardware and software described.
Since variance cannot be precluded entirely, we cannot guarantee full consistency. However, the information in
this publication is reviewed regularly and any necessary corrections are included in subsequent editions.
Siemens AG Document order number: 6FC5397-1DP41-0BA2 Copyright © Siemens AG 2017 - 2018.

Division Digital Factory Ⓟ 11/2018 Subject to change All rights reserved
Postfach 48 48
90026 NÜRNBERG
GERMANY
Preface
SINUMERIK documentation
The SINUMERIK documentation is organized into the following categories:
● General documentation/catalogs
● User documentation
● Manufacturer/service documentation
Additional information
You can find information on the following topics at the following address (https://
support.industry.siemens.com/cs/document/108464614/):
● Ordering documentation/overview of documentation
● Additional links to download documents
● Using documentation online (find and search in manuals/information)
If you have any questions regarding the technical documentation (e.g. suggestions,
corrections), please send an e-mail to the following address
(mailto:[email protected]).
mySupport/Documentation
At the following address (https://support.industry.siemens.com/My/ww/en/documentation),
you can find information on how to create your own individual documentation based on
Siemens' content, and adapt it for your own machine documentation.
Training
At the following address (http://www.siemens.com/sitrain), you can find information about
SITRAIN (Siemens training on products, systems and solutions for automation and drives).
FAQs
You can find Frequently Asked Questions in the Service&Support pages under Product
Support (https://support.industry.siemens.com/cs/de/en/ps/faq).
SINUMERIK
You can find information about SINUMERIK at the following address (http://www.siemens.com/
sinumerik).
SINUMERIK Access MyMachine / OPC UA

Configuration Manual, 12/2018, 6FC5397-1DP41-0BA2 3
Preface
Target group
This document addresses commissioning engineers, machine tool manufacturers, planners
and plant operating companies. The document provides detailed information that
commissioning engineers require to setup the SINUMERIK Access MyMachine / OPC UA
software.
Benefits
The Configuration Manual instructs the target group on how to use/configure the software
correctly.
Standard scope
This documentation describes the functionality of the standard scope. Additions or revisions
made by the machine manufacturer are documented by the machine manufacturer.
Other functions not described in this documentation might be executable in the control system.
This does not, however, represent an obligation to supply such functions with a new control
system or when servicing.
For the sake of simplicity, this documentation does not contain all detailed information about
all types of the product and cannot cover every conceivable case of installation, operation, or
maintenance.
Note regarding the General Data Protection Regulation
Note regarding the General Data Protection Regulation

Siemens observes standard data protection principles, in particular the principle of privacy by
design. That means that this product does not process / store any personal data, only technical
functional data (e.g. time stamps). If a user links this data with other data (e.g. a shift schedule)
or stores personal data on the same storage medium (e.g. hard drive) and thus establishes a
link to a person or persons, then the user is responsible for ensuring compliance with the
relevant data protection regulations.
Technical Support
Country-specific telephone numbers for technical support are provided in the Internet at the
following address (https://support.industry.siemens.com/cs/sc/2090/) in the "Contact" area.

4 Configuration Manual, 12/2018, 6FC5397-1DP41-0BA2
Table of contents
Preface.........................................................................................................................................................3
1 Introduction...................................................................................................................................................9
1.1 General description..................................................................................................................9
1.1.1 SINUMERIK OPC UA server...................................................................................................9
1.2 Features.................................................................................................................................10
1.3 System setup.........................................................................................................................11
1.4 Compatibility of OPC UA server version and CNC software versions...................................12
1.5 Reference to OPC UA specification.......................................................................................13
2 Safety notes................................................................................................................................................15
2.1 Fundamental safety instructions............................................................................................15
2.1.1 General safety instructions.....................................................................................................15
2.1.2 Warranty and liability for application examples......................................................................15
2.1.3 Industrial security...................................................................................................................16
2.2 OPC UA security notes..........................................................................................................18
3 Setting up of OPC UA server......................................................................................................................19
3.1 Prerequisites..........................................................................................................................19
3.2 Option OPC UA......................................................................................................................20
3.3 Commissioning.......................................................................................................................21
3.4 Certificate handling................................................................................................................26
3.4.1 Overview................................................................................................................................26
3.4.2 Server certificates..................................................................................................................28
3.4.3 Client certificates....................................................................................................................31
3.4.3.1 Trusted certificates.................................................................................................................31
3.4.3.2 Rejected certificates...............................................................................................................33
3.5 Testing the connection...........................................................................................................35
4 User administration.....................................................................................................................................41
4.1 Overview................................................................................................................................41
4.2 User management..................................................................................................................42
4.3 Rights management...............................................................................................................43
4.4 List of rights............................................................................................................................44
5 Functionality...............................................................................................................................................47
5.1 Overview................................................................................................................................47
5.2 Address space model ............................................................................................................48
5.3 Variable access......................................................................................................................50

Table of contents
5.3.1 Variable paths for NC access operations...............................................................................50

5.3.2 Variable paths for GUD access operations............................................................................51
5.3.3 Variable paths for PLC access operations.............................................................................52
5.3.4 Variable paths for machine and setting data..........................................................................54
5.3.5 Variable paths for 1:N configuration (only target system PCU)..............................................54
5.3.6 Finding of OPC UA variables ................................................................................................56
5.3.7 Monitored items......................................................................................................................59
5.4 Alarms....................................................................................................................................60
5.4.1 Overview................................................................................................................................60
5.4.2 Subscribe / unsubscribe to alarms ........................................................................................61
5.4.3 Sequence description of alarms.............................................................................................62
5.4.4 SINUMERIK Alarm object......................................................................................................62
5.4.4.1 Description.............................................................................................................................62
5.4.4.2 OPC UA event messages and alarms...................................................................................63
5.4.5 Language of alarms...............................................................................................................68
5.4.5.1 OPC UA language specification.............................................................................................68
5.4.5.2 SINUMERIK language specification.......................................................................................69
5.4.5.3 Mapping of SINUMERIK LanguageID with OPC UA LocaleID..............................................69
5.4.6 OPC UA alarms and conditions constraints...........................................................................70
5.4.7 OPC UA alarms and conditions client....................................................................................71
5.4.8 OPC UA multi-language alarms and conditions client...........................................................72
5.5 File system.............................................................................................................................74
5.5.1 Overview................................................................................................................................74
5.5.2 Prerequisites..........................................................................................................................75
5.5.3 Standard file system support..................................................................................................77
5.5.3.1 File transfer with standard methods.......................................................................................77
5.5.3.2 File transfer exceeding 16 MB between client and server.....................................................79
5.5.3.3 Comfort methods for file transfer < 16 MB.............................................................................81
5.6 Select.....................................................................................................................................84
5.6.1 Overview................................................................................................................................84
5.6.2 Description.............................................................................................................................85
5.6.3 Input and output arguments...................................................................................................85
5.6.4 Example call...........................................................................................................................87
5.7 Tool management..................................................................................................................88
5.7.1 Description.............................................................................................................................88
5.7.2 CreateTool.............................................................................................................................89
5.7.3 DeleteTool..............................................................................................................................90
5.7.4 CreateCuttingEdge ................................................................................................................92
5.7.5 DeleteCuttingEdge.................................................................................................................93
6 Diagnostics.................................................................................................................................................97
6.1 Overview ...............................................................................................................................97
6.2 Diagnostics screen.................................................................................................................98
6.3 OPC UA server version........................................................................................................100
7 Update of OPC UA server........................................................................................................................103
7.1 Overview..............................................................................................................................103
7.2 Compatibility ........................................................................................................................104

Table of contents
7.3 Installation of OPC UA server..............................................................................................105

7.3.1 Installation/Upgrade on a PCU/IPC......................................................................................105
7.3.2 Installation/Upgrade a PPU/NCU.........................................................................................105
8 Technical data .........................................................................................................................................107
9 Exceptions: 828D / V4.5...........................................................................................................................109
9.1 Starting of configuration dialog.............................................................................................110
9.2 Update of OPC UA server....................................................................................................111
10 Trouble shooting.......................................................................................................................................113
10.1 Frequently asked questions (FAQs).....................................................................................113
10.2 Reference to OPC UA error code........................................................................................116
Index.........................................................................................................................................................117

Table of contents

Introduction 1
1.1 General description
Uniform standard for data exchange

"Industrie 4.0" stands for the intensive utilization, evaluation and analysis of data from the
production in IT systems of the enterprise level. PLC programs today already record a wide
range of data at the production and process level (pressure values, temperatures and counter
readings) and make them available to systems at the enterprise level, for example, to increase
the product quality. With Industry 4.0, the data exchange between the production and
enterprise levels will increase much faster in the future. However, prerequisite for the success
of "Industrie 4.0" is a uniform standard for data exchange.
The OPC UA (Unified Architecture) standard is particularly suitable for data exchange across
different levels as it is independent from specific operating systems, has secure transfer
procedures and better semantic description of the data. OPC UA not only makes data available,
but also provides information about the data (e.g. data types). This enables machine-
interpretable access to the data.
1.1.1 SINUMERIK OPC UA server

The SINUMERIK OPC UA server offers a communication interface with manufacturer
independent standard. The information on SINUMERIK controls can be exchanged with an
OPC UA client using this communication interface.
The client is not part of SINUMERIK and is either part of standard software or can be developed
as part of individual software. For this purpose a stack for downloading is provided by the OPC
foundation.
Some manufacturers provide a software development kit, which can be used to develop an
OPC UA client.

Introduction
1.2 Features
1.2 Features
The SINUMERIK OPC UA server provides the possibility to communicate with SINUMERIK
via OPC UA. The following functionalities of the OPC UA specification are supported by the
server:
● Read, write and subscribe to SINUMERIK variables (NC, PLC) (see chapter Variable
access (Page 50))
● Transfer of part programs (see chapter File system (Page 74))
● Support for File and Folder Objects
● Event based provision of SINUMERIK alarms and messages from HMI, NC and PLC (see
chapter Alarms (Page 60))
● Methods for selection of part programs from the NC file system and external memory (see
chapter Select (Page 84)) and methods for tool management (see chapter Tool
management (Page 88))
● Multi language support for the alarm and warning messages.
Security settings
The server provides the possibility to communicate in an unencrypted or encrypted way. The
following options are possible:
● None
● 128 Bit - Sign (Basic128Rsa15)
● 128 Bit - Sign & Encrypt (Basic128Rsa15)
● 256 Bit – Sign (Basic256Sha256)
● 256 Bit - Sign (Basic256)
● 256 Bit – Sign & Encrypt (Basic256Sha256)
● 256 Bit - Sign & Encrypt (Basic256)
NOTICE
Security risk of no or low encryption
During operational process, an encrypted communication must always be used for security
reasons.
Furthermore, the SINUMERIK OPC UA server provides the possibility of user administration,
which allows to assign access rights for each user individually (see chapter User
administration (Page 41)).
See also
Certificate handling (Page 26)

Introduction
1.3 System setup
1.3 System setup
Accessibility of the server

The accessibility of the server varies in the particular SINUMERIK systems. The following table
shows the dependencies of the SINUMERIK systems:
SINUMERIK Accessibility
systems
SINUMERIK After successful licensing and activation the OPC UA server is accessible via the X130 interface.
828D
SINUMERIK The OPC UA server needs SINUMERIK Operate and runs on the same place as SINUMERIK Operate. For
840D sl this reason, system setup depends on whether a Thin Client is used (SINUMERIK Operate runs on NCU)
or a PCU / IPC with Windows operating system.
Thin Client If a Thin Client is used, the OPC UA server is accessible after successful licensing
and activation via X120 and X130 interface of the NCU.
PCU / IPC If a PCU / IPC is used, the OPC UA server is accessible after successful licensing
and activation via "eth1" and "eth2" interface of the PCU / IPC. In this case the OPC UA
server is neither accessible via "eth3" interface of the PCU/IPC nor the X120 or X130
interface of the NCU.
Application scenario
/RFDO 1HWZRUN
&XVWRPHU
DSSOLFDWLRQ23&
8$FOLHQW
3&8,3&
&XVWRPHU
23&8$
DSSOLFDWLRQ23&
VHUYHU
8$FOLHQW
23&8$ 23&8$
23&8$VHUYHU VHUYHU VHUYHU
6,180(5,.'VO 6,180(5,.'VO 6,180(5,.'VO 6,180(5,.'
Figure 1-1 Application scenario

Introduction
1.4 Compatibility of OPC UA server version and CNC software versions
1.4 Compatibility of OPC UA server version and CNC software versions

The latest OPC UA server version is compatible to several CNC software versions. Below you
will find which CNC software versions have been tested successfully with the latest OPC UA
server version:
CNC software version OPC UA version Test results

Pass/Fail
4.5 V2.2 Pass
4.6 V2.2 Pass
04.07 - SP2 V2.2 Pass*
04.07 - SP3 V2.2 Pass*
04.07 - SP4 V2.2 Pass*
04.07 - SP5 V2.2 Pass
04.08 - SP2 V2.2 Pass
04.08 - SP3 V2.2 Pass
4.91 V2.2 Pass
*) Cleanup of OPC UA folders (opcua/cfg, opcua/user) may be necessary.

Introduction
1.5 Reference to OPC UA specification

The SINUMERIK OPC UA server matches the specification of the OPC foundation (https://
opcfoundation.org/) V1.0.3.

Introduction

Safety notes 2
2.1 Fundamental safety instructions
2.1.1 General safety instructions
WARNING
Danger to life if the safety instructions and residual risks are not observed
If the safety instructions and residual risks in the associated hardware documentation are not
observed, accidents involving severe injuries or death can occur.
● Observe the safety instructions given in the hardware documentation.
● Consider the residual risks for the risk evaluation.
WARNING
Malfunctions of the machine as a result of incorrect or changed parameter settings
As a result of incorrect or changed parameterization, machines can malfunction, which in turn
can lead to injuries or death.
● Protect the parameterization (parameter assignments) against unauthorized access.
● Handle possible malfunctions by taking suitable measures, e.g. emergency stop or
emergency off.
2.1.2 Warranty and liability for application examples

Application examples are not binding and do not claim to be complete regarding configuration,
equipment or any eventuality which may arise. Application examples do not represent specific
customer solutions, but are only intended to provide support for typical tasks.
As the user you yourself are responsible for ensuring that the products described are operated
correctly. Application examples do not relieve you of your responsibility for safe handling when
using, installing, operating and maintaining the equipment.

Safety notes
2.1.3 Industrial security
Note
Industrial security
Siemens provides products and solutions with industrial security functions that support the
secure operation of plants, systems, machines and networks.
In order to protect plants, systems, machines and networks against cyber threats, it is
necessary to implement – and continuously maintain – a holistic, state-of-the-art industrial
security concept. Siemens’ products and solutions constitute one element of such a concept.
Customers are responsible for preventing unauthorized access to their plants, systems,
machines and networks. Such systems, machines and components should only be connected
to an enterprise network or the Internet if and to the extent such a connection is necessary
and only when appropriate security measures (e.g. firewalls and/or network segmentation) are
in place.
For additional information on industrial security measures that may be implemented, please
visit:
Industrial security (http://www.siemens.com/industrialsecurity)
Siemens’ products and solutions undergo continuous development to make them more secure.
Siemens strongly recommends that product updates are applied as soon as they are available
and that the latest product versions are used. Use of product versions that are no longer
supported, and failure to apply the latest updates may increase customer’s exposure to cyber
threats.
To stay informed about product updates, subscribe to the Siemens Industrial Security RSS
Feed at:
Industrial security (http://www.siemens.com/industrialsecurity)
Further information is provided on the Internet:

Industrial Security Configuration Manual (https://support.industry.siemens.com/cs/ww/en/
view/108862708)

Safety notes
WARNING
Unsafe operating states resulting from software manipulation
Software manipulations (e.g. viruses, trojans, malware or worms) can cause unsafe operating
states in your system that may lead to death, serious injury, and property damage.
● Keep the software up to date.
● Incorporate the automation and drive components into a holistic, state-of-the-art industrial
security concept for the installation or machine.
● Make sure that you include all installed products into the holistic industrial security concept.
● Protect files stored on exchangeable storage media from malicious software by with
suitable protection measures, e.g. virus scanners.
● Protect the drive against unauthorized changes by activating the "know-how protection"
drive function.

Safety notes
2.2 OPC UA security notes
2.2 OPC UA security notes
NOTICE
OPC UA provides read/write access on data in SINUMERIK. This access might also affect
security relevant data.
● You can limit this access on SINUMERIK data by individual read and write permission.
Please refer to chapter User administration (Page 41), especially chapter List of rights
(Page 44).

Setting up of OPC UA server 3
3.1 Prerequisites
NOTICE
Protection against security risks
To protect industrial plants and systems comprehensively against cyber attacks, measures
must be applied simultaneously at all levels (from the operational level up to the field level,
from access control to copy protection). Therefore, before setting up of the OPC UA server,
apply the "Defense in Depth" protection concept in order to avoid security risks in your
environment.
Ensure that you do not connect the company network to the internet without suitable protective
measures.
You will find further information on the Defense-in-Depth concept, suitable protective
measures and Industrial Security in general in the Configuration Manual Industrial Security
(https://support.industry.siemens.com/cs/de/en/view/108862708).
Prerequisites
● OPC UA server requires SINUMERIK Operate.
● OPC UA server requires an OPC UA license (6FC5800-0AP67-0YBO).
● Make sure that the HMI time is set correctly, since this is a prerequisite for encrypted
communication.

Setting up of OPC UA server
3.2 Option OPC UA
3.2 Option OPC UA
Setting the option

1. Set the "Access MyMachine / OPC UA" option via the "Startup > Licenses" operating area.
Figure 3-1 Setting the option

3.3 Commissioning
3.3 Commissioning
Checking the HMI time

Make sure that the HMI time is set correctly, since this is a prerequisite for encrypted
communication.
Note
The certificate needed for secure OPC UA communication is automatically created during the
first run-up. The start date of the validity period of the certificate is set to the current date. The
validity period is 20 years.
If the SINUMERIK system time is subsequently changed, so that it lies outside the validity
period, the secure OPC UA communication does not function (BadCertificateTimeInvalid).
The certfiicate can also be changed manually, as decribed in chapter Certificate handling
(Page 26).
Executing the OPC UA configuration dialog

1. Start the OPC UA configuration dialog via the operating area "Startup > Network".
Note
Different startup behaviour with 828D / V4.5
The control 828D with CNC software version V4.5 has a different startup behaviour of the
configuration dialog (see chapter Starting of configuration dialog (Page 110)).
2. Press the "OPC UA" softkey.

3.3 Commissioning
3. Press the "Setup" softkey. The Settings dialog will appear. Then press the "Change"
softkey. Make the necessary settings for connection, authentication and activation.
Figure 3-2 Settings of OPC UA server (with changes)

3.3 Commissioning
Group Setting Description

Connection set‐ ● Company network The available network connections (IP address) on a
tings specific target system (828D, 840D sl, PCU, IPC) are
● Systems network
shown. The available networks options vary depending
(machine network)
on your target system.
● Service network
● Company network
● Systems network (machine network)
● Service network.
For example, since IPC is considered as PCU there will
be only two networks (company and systems (machine)
network) displayed.
It is possible to activate or deactivate an interface from
OPC UA server point of view.
TCP Port TCP port at which the OPC UA server should be availa‐
ble.
Standard configuration: 4840
Note!
The port must also be open in the firewall. For PPU/NCU
this happens automatically. With PCU/IPC the port must
be opened manually in the firewall.
Message encryption It can be chosen which security endpoints should be of‐
fered from the server
Setting Standard configuration
None Deactivated
128 bit Activated
256 bit Activated
Authentication Admin User User name of the administrator. The administrator can
add or delete users and assign or delete user authoriza‐
tions.
Password Password of the administrator.
Confirm Password Enter the password again for confirmation.
Allow anonymous ac‐ Standard configuration: Deactivated
cess Anonymous access is only recommended for commis‐
sioning.
Accept certificates au‐ Standard configuration: Activated
tomatically If this option is set, all client certificates are automatically
accepted. For manual acceptance, please refer to chap‐
ter Certificate handling.
Activation Activate OPC UA Place the checkmark to activate OPC UA and remove
the checkmark to deactivate it.
NOTICE
Security risk due to data manipulation and data sniffing
Anonymous access can be a security risk. Anonymous access should therefore be strictly
limited to commissioning.
● For normal operation authentication via username and password or based on
certificates should be used (see chapter Certificate handling).

3.3 Commissioning
NOTICE
Security risk due to data manipulation and data sniffing
If no message encryption to the client is established, there will be a security risk of data
manipulation and data sniffing. It is therefore highly recommended to establish a message
encryption to the client.
● Use the highest possible encryption standard (256 bit) to ensure a secure message
transfer.
Note
Assigning secure passwords
Observe the following rules when creating new passwords:
● When assigning new passwords, ensure that you do not assign passwords that can be
guessed, e.g. simple words, key combinations that can be easily guessed, etc.
● Passwords must always contain a combination of upper-case and lower-case letters as
well as numbers and special characters. Passwords must comprise at least eight
characters. The server does not support passwords comprising less than eight
characters. PINS must comprise an arbitrary sequence of digits.
● Wherever possible and where it is supported by the IT systems, a password must always
have a character sequence as complex as possible.
The German Federal Office for IT Security (BSI) (https://www.bsi.bund.de/SharedDocs/
Downloads/DE/BSI/Grundschutz/International/GSK_15_EL_EN_Draft.pdf?
__blob=publicationFile&v=2) provides additional rules for creating secure passwords.
Programs are available that can help you to manage your passwords. Using these
programs, you can encrypt, save and manage your passwords and secret numbers – and
also create secure passwords.
Note
If you want to change the password later, you can do this via the OPC UA method
"ChangeMyPassword" or in the SINUMERIK Operate screen.

3.3 Commissioning
4. Then choose "OK". If you enter a port for the first time, you will receive a safety note.
Figure 3-3 Security message for opening the TCP port
Note
Port opening on IPC
On first startup of OPC UA server a windows message will appear, asking the user to
confirm the opening of the port.
5. If settings are all done, restart is necessary to activate the new settings. Perform a hardware
restart on the target systems NCU and PPU. A restart of the SINUMERIK Operate is
necessary on the PCU 50/IPC.

3.4 Certificate handling
3.4.1 Overview
To establish a secure connection between an OPC UA server and a client it is necessary to
exchange and trust the certificate of the other communication partner. The exchange is
normally done automatically at the first connection attempt between client and server.
Nevertheless there is also the possibility to exchange the certificates manually before the other
communication partner is available, e. g for preparing an easy commissioning.
For trusting the certificates there are two possibilities within the server:
● Automatic trusting of new certificates
If "Accept certificates automatically" is activated in the commissioning dialog, new client
certificates are trusted automatically and there is no manual interaction necessary to
establish a secure connection.
This is the most comfortable option, but less secure than the manual trusting, since all
certificates will be trusted.
● Manual trusting of certificates (recommended)
If "Accept certificates automatically" is deactivated in the commissioning dialog the
certificates must be trusted manually to establish a secure connection.
This allows the administrator of the OPC UA server to manually decide, which client can
establish a secure connection to the OPC UA server
To have a comfortable way to handle certificates, the OPC UA dialog offers a certificate section,
which can be found under the softkey "Certificates".

Figure 3-4 Softkey Certificates
Operations
The Certificate dialog allows the following operations:
● Server certificate
– Renewal of the server certificate
– Export of the current server certificate
● Client certificates
– List of the current trusted certificates
– List of the rejected client certificates
– Manual import of a client certificate
– Deletion of a client certificate
– Trust a rejected client certificate

3.4.2 Server certificates
Overview
① The name of the OPC UA server certificate is shown in the upper part of the screen.
② You can renew the server certificates.
③ You can export the server certificate to a configured device.
④ You can leave the OPC UA dialogs.
⑤ The details of the server certificate are shown in the lower part of the screen. You can scroll
down to see further certificate attributes.
Figure 3-5 Server Certificate

Renewing server certificates

The server certification can be renewed at any timy. With the renewal the following things can
be specified by the administrator:
● Expiration date of the certificate / validity in years
Note
Before using this dialog make sure that the date and the time of SINUMERIK Operate is
set correctly, as the certificate will be valid from the current date in SINUMERIK Operate
at the time of renewal.
● Decision if IP address and/or host name should be mentioned in the server certificate
Note
Many clients will need the IP address in the certificate for validation. If the server will be
addressed by hostname (e. g. because the IP address of the OPC UA server changes
frequently due to a dynamic assignment by a DHCP server), it is recommended only to
include the host name in the certificate. Because otherwise the certificate must be renewed
and exchanged with every change of the IP address.
To renew a server certificate proceed as follows:

1. Press the softkey "Renew".
A pop up screen will appear that offers two ways of selecting a time period:
– Select the number of years, the server certificate will be valid
– Specify a precise date, the server certificate will expire
Specify also whether the IP address and/or the host name should be written in the server
certificate.
Figure 3-6 Renew server certificate
Pressing the softkey "Cancel" will ignore all input and return to the "Server" dialog.
Pressing the softkey "Ok" will save the input to the system, the currently valid certificate
will be deleted and with the next start of SINUMERIK Operate the new certificate gets
created.

Exporting server certificates

For an offline preparation of the connection to the server, you can export the server certificate.
After that the certificate can be imported and trusted on the client side.
1. Press the softkey "Export".
A pop up screen will appear showing the USB device to export to. You can navigate to a
location on the USB device to export the OPC UA server certificate.
Pressing the softkey "Cancel" will ignore all input and return to the "Server" dialog.
Pressing the softkey "Ok" will export the certificate.

3.4.3 Client certificates
3.4.3.1 Trusted certificates
Overview
① The trusted certificates are listed in the upper part of the screen. You can select a certificate
using the arrow keys (cursor up/ cursor down).
② You can delete the trusted certificates.
③ You can import a certificate from an USB device.
⑤ The certificate details are shown in the lower part of the screen. To set the focus on the lower
part of the screen the softkey "next window" on the keyboard is used.
Figure 3-7 Trusted Certificate

Deleting trusted certificates

1. To manually delete a client certificate select a certificate in the trusted list and press the
softkey "Delete".
A pop up screen will appear asking you for confirmation of deletion:
Figure 3-8 Delete certificate
Pressing the softkey "Cancel" will do no action and return to "Trusted" dialog.
Pressing the softkey "Ok" will delete the selected certificate.
Note
After the deletion of the client certificate a connection with OPC UA server can no longer
be established by the client of the corresponding certificate.
Importing certificates
To prepare a connection a client certificate can be imported before actually establishing a
connection. With the import the certificate is automatically trusted.
1. Press the softkey "Import".
A pop up screen will appear showing the USB device to import from. You can navigate to
a location on the USB device to import a certificate to a trusted folder.
Pressing the softkey "Cancel" will ignore all input and return to the "Trusted" dialog.
Pressing the softkey "Ok" will import the certificate.
Note
Keep in mind, that only certificates with the file extension "*.der" are accepted.
Note
To use a certificate for authentication it is necessary to create a user with the method
"AddCertificateUser" first.

3.4.3.2 Rejected certificates
Overview
① The rejected certificates are listed in the upper part of the screen. You can select a certificate
using the arrow keys (cursor up/ cursor down).
② You can delete the selected certificate.
③ You can trust the selected certificate.
⑤ The certificate details are shown in the lower part of the screen. To set the focus on the lower
part of the screen the softkey "next window" on the keyboard is used.
Figure 3-9 Rejected Certificate

Deleting rejected certificates

1. To manually delete a client certificate, select the certificate in the rejected list and press
the softkey "Delete".
A pop up screen will appear asking you for confirmation of deletion:
Figure 3-10 Delete certficate
Pressing the softkey "Cancel" will do no action and return to the previous dialog.
Pressing the softkey "Ok" will delete the selected certificate.
Trusting rejected certificates

If the setting "Accept certificates automatically" is deactivated, certificates automatically
transferred by a client with the first connection attempt will be treated as untrusted and need
to be trusted manually before the connection can be established. In this case, the server will
report an error (BadSecurityChecksFailed) on initial connection attempt.
1. To manually trust a client certificate, select the certificate in the rejected list and press the
softkey "Trust".
A pop up screen will appear asking for confirmation of trusting the certificate.
Figure 3-11 Trust certificate
Pressing the softkey "Cancel" will return to the "Rejected" dialog.

Pressing the softkey "Ok" will trust the certificate and move it to the trusted folder.

3.5 Testing the connection
Requirement
To test the connection, you can use the "Sample Applications" of the OPC Foundation (https://
opcfoundation.org/developer-tools/specifications-unified-architecture/opc-unified-
architecture-for-cnc-systems/) under "Developer Tools/Developer Kits/Unified Architecture". It
is necessary to register with the OPC Foundation for this.
Note
There are two ways to establish the connection:
● Connection without security
● Connection with the security policy "Basic128Rsa15" respectively "Basic256" and the
security mode "SignAndEncrypt"
SIEMENS always recommends setting up a connection with security, as only in this way the
confidentiality of the data transmitted can be ensured.
Installation
The "Sample Applications" additionally install a service with the name "OPC UA Local
Discovery Server". If you want to locally test the OPC UA connection, i.e. an installation directly
on the PCU 50/IPC, you must deactivate this service.
Note
If the service "OPC UA Local Discovery Server" is active, the OPC UA server cannot be started
correctly, because it blocks the needed TCP port 4840.
This service has no influence if the "Sample Applications" are installed on a PC in the network.
Deactivation is then not necessary.

Figure 3-12 Deactivating the "OPC UA Local Discovery Server" service on PCU 50/IPC

Procedure
1. Start the OPC UA "Sample client".
Figure 3-13 Sample Client main window
2. Select the "New" entry from the drop-down list.

The "Discover Servers" window opens.
3. Now enter the IPv4 address of the target system and click the "Discover" button.
Figure 3-14 Discover servers
4. The SINUMERIK OPC UA server appears in the list. Select the server and confirm with
"OK".

5. Return to the main window and click the "Connect" button.

6. To establish a simple connection without security, configure the following settings. After
clicking "OK", enter the administrator user assigned when OPC UA was set up and the
administrator password. Confirm your settings by clicking "OK".
Figure 3-15 Server configuration
Figure 3-16 User Identity

7. Confirm the prompt asking if you want to trust the transferred certificate with "Yes".
Figure 3-17 Certificate
The connection to the SINUMERIK OPC UA server is now established and the available
address space is displayed.
Figure 3-18 Address space of the SINUMERIK OPC UA server
8. Now navigate to a nodeID (e.g. R-parameter at Sinumerik > Channel > Parameter > R) and
right click the corresponding entry. You can now test various functions:

– E.g. read, write, setup monitoring
Figure 3-19 NodeID "Sinumerik > Channel > Parameter > R"
– The attributes of a NodeID can be queried via the entry "View Attributes". One of these
attributes is the "Value", which provides the corresponding value of R1.
Figure 3-20 Viewing node attributes

User administration 4
4.1 Overview
The admin can add/delete users and rights via OPC UA methods provided by the server.
Therefore a connection with a generic client must be established, using the admin credentials.
Users and rights can then be assigned using the following OPC UA server methods:
● Add users (AddUser, AddCertificateUser)
● Delete users (DeleteUser)
● List users (GetUserList)
● Change password (ChangeMyPassword)
● Give access rights (GiveUserAccess)
● Remove access rights (DeleteUserAccess)
● List access rights (GetMyAccessRights, GetUserAccessRights)
NOTICE
Misuse of rights
As an administrator you are fully responsible for the administration of users and their rights.
Any error in the administration process can lead to the misuse of rights.
Note
Anonymous connection
You can also establish an anonymous connection during commissioning, if this setting is active,
but the methods will not be available (feedback: "BadRequestNotAllowed").
Note
Anonymous user
Anonymous users don't have any access (Read/Write) rights after installation. As an
administrator you have to set these rights explicitly.
Note
Administrator has only read rights
Note that the administrator has only read rights per default. Other rights need to be set explicitly.
Note
You can only add/remove users/rights if you are connected as administrator. If you call the
methods with a different user, you will receive the message "BadInvalidArgument".

User administration
4.2 User management
4.2 User management

A new user created with the "AddUser" or "AddCertficateUser" function has no rights at all.
The user administrator has the responsibility for the user management and the associated
rights. All users must use a secure password.
Table 4-1 Methods for user administration
Method Description
AddUser Creates a new user for accessing OPC UA.
Input arguments:
UserName User Name
Initially, the password of the new user is the user name. It should then be changed using the
method "ChangeMyPassword".
AddCertificateUser Creates a new user for accessing OPC UA via certificate authentication.
Input arguments:
UserName user, certificate is issued to
CertficateData Certificate(.der) as byte string
DeleteUser Deletes a user who was added previously using the method "AddUser" and "AddCertificateUs‐
er".
Input arguments:
UserName User Name
The administrator user, created when OPC UA was set up, cannot be deleted.
GetUserList The administrator can read the list of all users.
Input arguments:
- List of users
ChangeMyPassword Changes the password for the connected user.
Input arguments:
OldPwd Current password
NewPwd1 New password
NewPwd2 New password (security prompt)
Important!
Whereas the methods "AddUser", "DeleteUser", "GiveUserAccess" and "DeleteUserAccess"
can only be called up if the user is connected as the administrator, the user must connect as
the corresponding user in order to change the password.

User administration
4.3 Rights management
4.3 Rights management

After setting up the OPC UA components, the administrator user has read access to all data
("SinuReadAll") but no write access. These rights must be set explicitly.
The administrator can also add the user rights for individual PLC DBs.
Table 4-2 Methods for user administration
Method Description
GetMyAccessRights The currently connected user can read his rights.
Input Arguments:
- Rights
GetUserAccessRights The administrator can read the rights of another user.
Input Arguments:
User name Rights
DeleteUserAccess Deletes the specified access rights for a user.
Input Arguments:
User A user whose rights are to be deleted
Realm The access rights to be deleted as a
string.
If a user wants to delete several rights,
they must be separated by a semico‐
lon.
For all possible realm strings, see chapter List of rights (Page 44).
Example:
DeleteUserAccess("John","PlcReadDB100")
Admin wants to delete read rights of user "John" for PLC data block DB100.
Major rights versus minor rights

A possibilty to reset all user rights is to use the general OPC UA rights behaviour that by
deleting a major right all minor rights will be deleted too. So if you have granted several read
rights for special users to read certain data blocks beforehand, you can reset all of these rights
by deleting "SinuReadAll".

User administration
4.4 List of rights
4.4 List of rights

Below is the list of rights a user is assigned:

User administration
4.4 List of rights
Table 4-3 List of rights
Method Description
GiveUserAccess Sets the specified access rights for a user. The rights below can be combined in any combi‐
nation.
Input Arguments:
User User name which is to given the rights
Realm The access rights to be set as a string.
If a user wants to set several rights, they must
be separated by a semicolon.
Some possible realm strings are:
"StateRead" Status data - NC, channel, axis, read access
"StateWrite" Status data - NC, channel, axis, write access
"FrameRead" Zero offsets, read access
"FrameWrite" Zero offsets, write access
"SeaRead" Setting data, read access
"SeaWrite" Setting data, write access
"TeaRead" Machine data, read access
"TeaWrite" Machine data, write access
"ToolRead" Tool and magazine data, read access
"ToolWrite" Tool and magazine data, write access, Tool
management methods
"DriveRead" Drive data, read access
"DriveWrite" Drive data, write access
"GudRead" User data, read access
"GudWrite" User data, write access
"FsRead" File system, read access
"FsWrite" File system, write access
"PlcRead" PLC, read access
"PlcWrite" PLC, write access
"AlarmRead" Allows to subscribe to alarms
"RandomRead" Random, read access
"RandomWrite" Random, write access
"SinuReadAll" All of the read access operations mentioned
"SinuWriteAll" All of the write access operations mentioned
"ApWrite" Allows to call method "Select"
"PlcReadDBx" PLC DB read access (x indicates the DB num‐
ber)
"PlcWriteDBx" PLC DB write access (x indicates the DB num‐
ber)
Examples:
● GiveUserAccess ("MyUser", "GudRead; PlcWrite")
Sets the read access for user data for the "MyUser" user and sets the write access for the
PLC.
● GiveUserAccess ("John","PlcReadDB100")
Admin gives read rights to user "John" for PLC data block DB100.

User administration
4.4 List of rights

Functionality 5
5.1 Overview
Overview
The OPC UA server provides the possibility to communicate with SINUMERIK via OPC UA.
The following functionalities of the OPC UA specification are supported by the server:
● Data Access:
Read, write and subscribe to SINUMERIK variables (NC, PLC)
● Alarms & Conditions:
Event based provision of SINUMERIK alarms and messages from HMI, NC and PLC
● Methods:
User management, file transfer, tool management and program selection
This chapter describes the address space of the OPC UA server and gives further information
how to address some SINUMERIK specific values. Especially since a lot of SINUMERIK values
are stored in arrays or matrices.
Furthermore you can find description on the SINUMERIK alarm object and how to get the
alarms from the server.
At the end of this chapter explanation on how users can transfer files from or to the server
using the SINUMERIK file system.

Functionality
5.2 Address space model
Address space model

If the OPC UA server is browsed, the available address space is mapped under the "Sinumerik"
node.
Global User Data (GUD) can be found under the "/Sinumerik/GUD" node.
The PLC blocks (inputs, outputs, bit memory, data blocks) can be found under the "/Sinumerik/
Plc" node.
Machine data can be found under the node "/Sinumerik/TEA".
Setting data can be found under the node "/Sinumerik/SEA".
Observe the following while browsing:
● In the address space of the NC, the displayed variables always represent only the first
parameter of the corresponding unit.
Example:
The R parameters can be found under "Sinumerik > Channel > Parameter > R". The
corresponding identifier is called "/Channel/Parameter/R", which is finally mapped to "/
Channel/Parameter/R[u1, 1]". If you want to access other parameters, you need to specify
the corresponding index in brackets, e. g. "/Channel/Parameter/R[u2,56]".
● In the address space of the PLC, the displayed variables represent the access format that
has to be extended accordingly.
Example:
The variable "/Plc/MB" is in the address space and is mapped to "/Plc/MB0". For accessing
further bytes this variable must be extended by the appropriate byte number, e.g. "/Plc/
MB6".
● The address space of the NC also contains variables that are not available in a
corresponding machine configuration. These variables return "BadAttributeIdInvalid" as
value.

Functionality
Figure 5-1 Browsing

Functionality
5.3 Variable access
5.3 Variable access
5.3.1 Variable paths for NC access operations
Note
You have to pay attention to the correct upper-case and lower-case of the "nodeID". The
respective identifier of the "nodeID" provides information on the correct notation.
Variable access
The variable paths for NC access are stored in the address space of the SINUMERIK Operate
OPC UA server.
You can obtain additional information from the List Manual for 840D sl and 828D "NC variables
and interface signals" (https://support.industry.siemens.com/cs/de/de/view/109748365/en).
Figure 5-2 Identifier for R parameter
The displayed NC variables always represent only the first parameter of the corresponding
NC data area (channel, TO area, mode group).
Example
Syntax of the R parameter is as follows: R[Channel,Parameter]

Functionality
5.3 Variable access
The R parameters are found under the identifier "/Channel/Parameter/R", which is eventually
mapped to "/Channel/Parameter/R[u1, 1]". If you want to access other parameters, you must
correspondingly extend the identifier, for example "/Channel/Parameter/R[u2, 56]".
Table 5-1 Examples of variable paths (NC access operations)
Variable path Description

/Channel/Parameter/R[u1,10] R parameter 10 in channel 1
/Channel/Parameter/R[u1,1,5] R parameter array
/Channel/Parameter/R[u1,1,#5] R parameters 1 to 5 in channel 1
/Channel/GeometricAxis/name[u2,3] Name of the 3rd axis in channel 2
/Channel/GeometricAxis/actToolBasePos[u1,3] Position of the 3rd axis in channel 1
Note
Please keep in mind that with array access only max 149 parameters are allowed in one access
operation (for example /Channel/Parameter/R[u1, 1, #149]).
5.3.2 Variable paths for GUD access operations

GUD variables can be found in the OPC UA server under the "/Sinumerik/GUD" node.
The displayed GUD variables always represent only the first parameter (for GUD arrays) of
the first NC channel (for channel-dependent GUD variables). If you want to access a different
parameter of a GUD array or a different channel, you must extend the identifier accordingly
for the NC access.
GUD arrays are 1-indexed for access, and access is always one-dimensional. This means,
the index must be calculated for multi-dimensional arrays.
Example 1: One-dimensional array, NC-global GUD array

"UGUD.DEF" file
DEF NCK INT ARRAY[2]

M17
Access is performed as follows:
ARRAY[0] → /NC/_N_NC_GD3_ACX/ARRAY[1]
ARRAY[1] → /NC/_N_NC_GD3_ACX/ARRAY[2]
Example 2: Two-dimensional array, channel-dependent GUD array

"UGUD.DEF" file
DEF CHAN INT ABC[3,3]

M17

Functionality
5.3 Variable access
Access is performed as follows:
ABC[0,0] → /NC/_N_CH_GD3_ACX/ABC[u1, 1]
ABC[0.1] → /NC/_N_CH_GD3_ACX/ABC[u1, 2]
5.3.3 Variable paths for PLC access operations

PLC variables can be found in the OPC UA server under the "/Sinumerik/Plc" node.
In the address space of the PLC, the displayed variables represent the access format that has
to be extended accordingly.
Example
Syntax of the PLC variable is as follows: "/Plc/MB"
This variable must be extended by the appropriate byte number, e.g. to "/Plc/MB6".
Note
On SINUMERIK 828D, you can only access the freely definable customer data blocks from
DB9000.
Access formats
The various access formats are shown in the following table. They need to be prefixed with "/
Plc/".
Note
The data type is converted during access with the OPC UA data access interface. Refer to the
following table for the data type conversions.
Table 5-2 PLC syntax
Area Address (IEC) Permissible data types OPC UA data type

Output image Qx.y BOOL Boolean
Output image QBx BYTE, CHAR, UInt32
STRING String
Output image QWx WORD, CHAR, UInt32
INT, Int32

Functionality
5.3 Variable access
Area Address (IEC) Permissible data types OPC UA data type

Output image QDx DWORD, UInt32
DINT, Int32
REAL Double
Data block DBz.DBXx.y BOOL Boolean
Data block DBz.DBBx BYTE, CHAR, UInt32
STRING String
Data block DBz.DBWx WORD, CHAR, UInt32
INT Int32
Data block DBz.DBDx DWORD, UInt32
DINT, Int32
REAL Double
Input image Ix.y BOOL Boolean
Input image IBx BYTE, CHAR, UInt32
STRING String
Input image IWx WORD, CHAR, UInt32
INT Int32
Input image IDx DWORD, UInt32
DINT, Int32
REAL Double
Bit memory Mx.y BOOL Boolean
Bit memory MBx BYTE, CHAR, UInt32
STRING String
Bit memory MWx WORD, CHAR, UInt32
INT Int32
Bit memory MDx DWORD, UInt32
DINT, Int32
REAL Double
Counters Cx - Byte
Timers Tx - UInt32
PLC time Clock - UInt16
Notes regarding the table:

● "x" represents the byte offset; "y" the bit number in the byte and "z" the data block number.
● The data type in bold characters is the default data type and does not have to be specified.
The specifications DB2.DBB5.BYTE and DB2.DBB5 are equivalent.
● Square brackets are used to access arrays, e.g. "/Plc/DB5.DBW2:[10]" (word array of length
10).
● Access to STRING arrays ("/Plc/DB123.DBB0:STRING[5]") is not supported.
Examples of variable paths (PLC access operations)
Table 5-3 Examples of variable paths (PLC access operations)

/Plc/M5.0 Memory bit 0 at byte offset 5
/Plc/DB5.DBW2 Word (16-bit) at byte offset 2 in data block 5

Functionality
5.3 Variable access

/Plc/DB8.DBB2:STRING UTF8 string beginning at byte offset 2 in data block 8
/Plc/DB8.DBW2:[10] Array of 10 words beginning at byte offset 2 in data block 8
/Plc/DB100.DBB1 Byte at byte offset 1 in data block 100
/Plc/DB2.DBD0:REAL[10] Array of 10 double words (32-bit) beginning at byte offset 0 in data block 2, which are
formatted as a floating-point number
Note
● Timers can only be read. A timer is active if it contains a value other than 0.
● If the data type CHAR or STRING is used in conjunction with a byte access, UTF8
characters are read, but if either data type is used in conjunction with a word access, UTF16
characters are read.
● Variables of the STRING type contain the maximum length in the first byte and the actual
length in the second byte. When strings are written, the actual length is adapted accordingly.
The maximum length is not changed.
● For the STRING data type in conjunction with a byte access (e.g. "/Plc/
DB99.DBB0:STRING"), the maximum string length is 255 characters. As a result of the
UTF8 formatting, for some characters (e.g. for the "µ"), two bytes are required so that the
maximum string length is correspondingly reduced.
● Only one-dimensional arrays are supported.
5.3.4 Variable paths for machine and setting data

The variable paths for machine and setting data are stored in the address space of the OPC UA
server under the nodes "/Sinumerik/TEA" and "/Sinumerik/SEA". Pay attention to the correct
upper-case and lower-case of the "nodeID". The respective identifier of the "nodeID" provides
information on the correct notation.
The displayed machine and setting variables always represent only the first parameter of the
corresponding data area (channel, axis).
Table 5-4 Examples of variable paths (machine and setting data)

/NC/_N_CH_TEA_ACX/$MC_CHAN_NAME Channel name of channel 1
/NC/_N_CH_TEA_ACX/$MC_CHAN_NAME[u2] Channel name of channel 2
Machine data arrays are 1-indexed for access.
5.3.5 Variable paths for 1:N configuration (only target system PCU)
By default, data is accessed on the NCU which is being viewed by SINUMERIK Operate.
Switching to a different NCU in the SINUMERIK Operate results in a situation where the OPC
UA server is also looking at the value of the now active NCU.
If the access is to be to a specific NCU, the NodeId must be expanded with a prefix:

Functionality
5.3 Variable access
/Random@<NCUName><NodeId> Examples of variable paths (1:N constellation)
Examples of variable paths (1:N constellation)

/Random@NCU_1/Channel/Parameter/R[u1,10] R parameter 10 in channel 1 of
NCU_1R parameter 10 in channel
1 of NCU_2
/Random@NCU_2/Channel/Parameter/R[u1,10]
/Random@NCU_1/Plc/DB123.DBB0 Byte at byte offset 0 in data block
123 of NCU_1
Note
The NCU names are listed in the "MMC.ini" file.
Entry:
[GLOBAL]
NcddeMachineNames=NCU1,NCU2
Figure 5-3 NCU names with 1:N

Functionality
5.3 Variable access
5.3.6 Finding of OPC UA variables

For more information on variable documentation, refer: NC variables and interface signals
(https://support.industry.siemens.com/cs/de/de/view/109748365/en)
Example 1: Finding an OPC UA variable in the variable documentation

You want to find the variable "opMode" in folder "/Bag/State".
1. Refer to the document mentioned above. Search for "opMode".

Functionality
5.3 Variable access
Example 2: Finding an OPC UA variable occurring in different folders in the variable documentation
You want to find the variable "cuttEdgeParam" which occurs in the folder "/Channel/
Compensation" and "/Tool/Compensation".

Functionality
5.3 Variable access
1. At the beginning of each chapter for variable sections, you find the information "OEM-MMC:
LinkItem" specifying "/ToolCompensation/“.
2. Refer to the document and search for "ChannelCompensation" and then navigate manually
to the requested parameter "cuttEdgeParam".
Example 3: Finding a variable from documentation on OPC UA client

You want to find the variable "cuttEdgeParam" in the Tool edge data section.
1. At the beginning of each chapter of the variable documentation you find the information
"OEM-MMC: LinkItem" specifying here "/ToolCompensation/".
2. Therefore you will find the variable "cuttEdgeParam" in the OPC UA Browse Tree in the
folder "Tool", subfolder "Compensation".

Functionality
5.3 Variable access
5.3.7 Monitored items

An OPC UA client can subscribe to a selection of nodes of interest and let the server monitor
these items. Only in case of changes, e.g. to their values, the server notifies the client about
such changes. This mechanism reduces the amount of transferred data immensely. Besides
the reduction of bandwidth this mechanism introduces further advantages and is the
recommended mechanism to “read” information from a UA server.
A client can subscribe to different types of information provided by an OPC UA server. The
purpose of a subscription is to group these sources of information, called monitored items,
together, forming a piece of information called a notification.
A subscription consists of at least one monitored item, which has to be created within the
context of a session and can be transferred to another session. To create a session, a secure
channel between the client and the server has to be established.
There are two different types of “changes” a client can subscribe to when adding monitored
items to the subscription:
● subscribe to data changes of Variable Values (Value attribute of a Variable)
● subscribe to Events of Objects (EventNotifier attribute of an Object)
Publish interval
Clients define MonitoredItems to subscribe to data and Events. Each MonitoredItem identifies
the item to be monitored and the Subscription to use to send Notifications. The item to be
monitored may be any Node Attribute.
Notifications are data structures that describe the occurrence of data changes and Events.
They are packaged into NotificationMessages for transfer to the Client. The Subscription
periodically sends NotificationMessages at a user-specified publishing interval, and the cycle
during which these messages are sent is called a publishing cycle." (see OPC UA Part 4 -
Services 1.03 Specification.pdf (https://opcfoundation.org/))
Sampling interval
Each MonitoredItem created by the Client is assigned a sampling interval that is either inherited
from the publishing interval of the Subscription or that is defined specifically to override that
rate. [...] The sampling interval indicates the fastest rate at which the server should sample its
underlying source for data changes. (see OPC UA Part 4 - Services 1.03 Specification.pdf
(https://opcfoundation.org/))
See also
Technical data (Page 107)

Functionality
5.4 Alarms
5.4 Alarms
5.4.1 Overview
Any OPC UA client supporting Alarms & Conditions connected to the OPC UA server can
subscribe to alarms to get the notifications of alarms.
All OPC UA Clients that have subscribed for SINUMERIK alarms will be provided with an alarm
as soon as it becomes active. Also if the alarm becomes inactive, the status of the
corresponding alarm/s will be updated automatically.
Alarms and Conditions support subscription of all the pending and active alarms of the
SINUMERIK system. Part program messages are not supported as part of Alarms and
Conditions, but can be received using data access. The OPC UA Server provides all alarms
that will be provided by the SINUMERIK AlarmService:
● HMI alarms
● NCK alarms including drive alarms
● Diagnostic buffer alarms
● PLC alarms (FC10)
● Alarm_S(Q) alarms (SFC17/18, PDiag, HiGraph, S7-Graph) with results of criteria analysis.
Multi language support for the alarms and warnings messages are supported and the required
alarm language can be selected during session creation in OPC UA Client. If the desired
language is not supported in the operate, the default English language is supported.
The SINUMERIK Alarm object is of the "CNCAlarmType" which is defined in the Companion
Specification "OPC UA Information Model for CNC Systems (http://opcfoundation.org/UA/
CNC/)".

Functionality
5.4 Alarms
5.4.2 Subscribe / unsubscribe to alarms
Subscribe to alarms
The SINUMERIK Alarm Event object is connected to the SINUMERIK node. To receive the
alarms, an event subscription must be placed at the SINUMERIK node. The following example
describes how to receive the alarms using the OPC UA Foundation Client:
1. Open the "Quickstart Alarm Condition Client".
Figure 5-4 Alarm Condition Client
2. Click "Conditions > Set Area Filter…". The "Select Area" window appears.
Figure 5-5 The Select Area Window
3. Select "Sinumerik".
4. Click "OK".
The alarms will be displayed on the screen.

Functionality
5.4 Alarms
Figure 5-6 Alarm List
Unsubscribe to alarms
1. Click "Conditions > Set Area Filter…". The "Select Area" window appears.
2. Right click on "Sinumerik" and select "Remove Monitored Item" to unsubscribe the server
from the Quickstart Alarm Condition Client.
5.4.3 Sequence description of alarms

The OPC UA server automatically sends an object of the "CNCAlarmtype" to the OPC UA
client containing the single alarm which has just been triggered.
The OPC UA server automatically resends an object of the "CNCAlarmtype" with the same
content as when the corresponding alarm was triggered, except a change in the status.
To get all the active alarms, the client has to subscribe to the Sinumerik node.
5.4.4 SINUMERIK Alarm object
5.4.4.1 Description
Every variable or object in the address space of an OPC UA server is called a node. Every
node has a server unique node id, its symbolic name, addressing information inside the
address model and some other attributes.
Events are by themselves not visible as nodes in the address space. They can only be received
via objects. Not all objects can signal events. Whether an object can signal events is specified
at the object by the EventNotifier attribute. Only objects where this attribute has been set can
be specified in the Event Monitored Item and received in Clients Events.
The Server Object serves as root notifier, that is, its EventNotifier Attribute shall be set providing
Events. However Server object will not be allowed to subscribe for the Events. Only the
"Sinumerik" Object node is accessible and can subscribe to the events.

Functionality
5.4 Alarms
5.4.4.2 OPC UA event messages and alarms
Access to alarms
User access right is required to subscribe the Events of the Sinumerik object. User access
right with access permission has to be set to “SinuReadAll“ or “AlarmRead“.The access right
is provided using Method Call “GiveUserAccess” as shown below.
Figure 5-7 Alarm access rights
If the client does not have the access with “SinuReadAll “or “AlarmRead” and user tries to
subscribe to the Events, server will return error code with “BadUserAccessDenied”.
Event types
The SINUMERIK Alarm object is of the “CNCAlarmType” which is defined in the Companion
Specification “OPC UA Information Model for CNC Systems (http://opcfoundation.org/UA/
CNC/)”.
The root of the derivation hierarchy is the BaseEventType. The types for Alarms and Conditions
are available below the ConditionType. The Application-specific event types such as
CncAlarmType can be derived. The CncAlarmType extends the DiscreteAlarmType.
An alarm is composed of various nested or parallel state machines. Monitoring can generally
be enabled or disabled. If monitoring is enabled, the alarm can be active or otherwise inactive.
Acknowledgment, confirm and comments of alarms is currently not supported.
The basic type for all condition objects is the condition type. It is derived from BaseEventType.
All mechanisms for alarm processing work even without the condition objects are contained
in the address space.

Functionality
5.4 Alarms
If a condition object changes one or several states, the server sends an event with the
requested event fields to the client. So only the alarms, where a status change happens after
the connection is established, will be sent. To receive all currently active alarms the refresh
method can be used.
CncAlarmType
The CncAlarmType, which is specified in the Companion Specification “OPC UA Information
Model for CNC Systems” is derived from the DiscreteAlarmType, which is defined by the OPC
Foundation.
%DVH23&8$
%DVH(YHQW7\SH &RQGLWLRQ7\SH $FNQRZOHGJHDEOH ,QIRUPDWLRQ0RGHO
&RQGLWLRQ7\SH
'LVFUHWH$ODUP $ODUP&RQGLWLRQ
7\SH 7\SH
&QF$ODUP7\SH
$ODUP,GHQWLILHU
$X[3DUDPHWHUV
+HOS6RXUFH
23&8$,QIRUPDWLRQPRGHO
IRU&1&6\VWHPV
Figure 5-8 OPC UA Information Model for CNC Systems
Description of the CncAlarmType

Since the CncAlarmType is derived from a number of types as you can see in Figure 5-8, it
does not only contain the three attributes AlarmIdentifier, AuxParameters and HelpSource, but
also all the other attributes which are inherited from the objects.

Functionality
5.4 Alarms
Attributes of BaseEventType
Attribute Data type Mapping with respect to SINU‐ M/O Description

MERIK
EventId String Unique node id generated from M EventId is generated by the server to
SINUMERIK system. uniquely identify a particular Event Notifi‐
cation.
The EventId shall always be returned as
value and the server is not allowed to return
a StatusCode for the EventId indicating an
error.
EventType NodeId It is always set to ‘CncAlarmType’. M The EventType shall always be returned as
value and the server is not allowed to return
a StatusCode for the EventType indicating
an error.
SourceNode NodeId Alarm source identifier provided M SourceNode identifies the Node that the
by SINUMERIK system. Event originated from. If the Event is not
specific to a Node, the NodeId is set to null.
SourceName String Supported alarm source names M SourceName provides a description of the
are HMI, NCK, and PLC. source of the Event. This could be the
string-part of the DisplayName of the Event
source using the default locale of the serv‐
er.
If it is not possible for a CNC system to pro‐
vide this information in detail, the Source‐
Name should provide the main component
responsible for this alarm (e.g. CNC, PLC,
or even Channel).
Time UtcTime Alarm time stamp M Time provides the time of the Event occur‐
red. Once set, intermediate OPC UA serv‐
ers shall not alter the value.
ReceiveTime UtcTime Alarm time stamp of the server. M ReceiveTime provides the time the OPC
UA server received the Event from the un‐
derlying device of another server.
Message Localized Text Reading attributes via M Alarm Message provides a human reada‐
(SLAE_EV_ATTR_MSG TEXT) ble and localizable text description of the
Event.

Functionality
5.4 Alarms

MERIK
Severity UInt16 Reading attributes via M Severity of the event message. The range
(SLAE_EV_ATTR_SEVE RITY) of values of the severity is from 1 to 1000,
where 1000 corresponds to the highest se‐
verity.
LocalTime TimeZoneDa‐ Offset and the DaylightSavingI‐ O LocalTime is a structure containing the Off‐
taType nOffset flag set and the DaylightSavingInOffset flag.
The Offset specifies the time difference (in
minutes) between the Time Property and
the time at the location in which the event
was issued.
If DaylightSavingInOffset is -
TRUE: Standard/Daylight savings time
(DST) at the originating location is in effect
and Offset includes the DST correction.
FALSE: The Offset does not include DST
correction and DST may or may not have
been in effect.
Severity of Alarms
SINUMERIK systems use three severity levels (e.g. Information, Warning and Error). The table
below shows the values at SINUMERIK system and its mapping in OPC UA server/client:
Severity Level SINUMERIK System OPC UA server/client

Information 0-1 1
Warning 2-999 500
Error 1000 1000
Additional attributes of the ConditionType

MERIK
ConditionCla NodeId Unique node id (sum of alarm id M String NodeID
ssId and alarm instance) SystemConditionClassType
ConditionCla String Set to “SystemConditionClas‐ M SystemConditionClassType
ssName sType"
ConditionNa String Set to “SystemCondition”. M ConditionName identifies the Condition in‐
me stance that the Event originated from. It
can be used together with the Source‐
Name in a user display to distinguish be‐
tween different Condition instances.
Retain Boolean True when the alarm is active. M Information whether or not the alarm shall
False otherwise. be displayed.
This is set to true by default.

Functionality
5.4 Alarms

MERIK
Quality String According to SINUMERIK quality M The quality provides information about the
attribute, below string will be set: reliability of an alarm.
● BAD Possible values of SINUMERIK:
● GOOD AlarmQuality.QUALITY_BAD = 0
● UNCERTAIN AlarmQuality.QUALITY_GOOD =
192
AlarmQuality.QUALITY_UNCERTAIN
= 64
LastSeverity UInt16 Reading attributes M LastSeverity provides the previous severity
via(SLAE_EV_ATTR_SEVERITY) of the ConditionBranch. Initially this Varia‐
ble contains a zero value; it will return a
value only after a severity change. The new
severity is supplied via the Severity Prop‐
erty which is inherited from the BaseEvent‐
Type.
BranchId NodeId Null M BranchId is Null for all Event Notifications
that relate to the current state of the Con‐
dition instance.
Comment LocalizedText Null M The value of this Variable is set to null.
ClientUserId String Null M The value of this Variable is set to null.
Enable Not supported M Servers do not expose Condition instances
in the AddressSpace.
Disable Not supported M Servers do not expose Condition instances
in the AddressSpace.
AddComment Not supported M Not supported and the result code should
return Bad_MethodInvalid.
ConditionRe‐ None When the method is called up, an event
freshMethod with the current state is triggered for the
calling client for all conditions. Only those
conditions are updated for which the Re‐
tain flag has been set.
Additional attributes of the AcknowledgeableConditionType

MERIK
AckedState Localized text True / False M AckedState when FALSE indicates that the
Condition instance requires acknowledge‐
ment for the reported Condition state.
When the Condition instance is acknowl‐
edged, the AckedState is set to TRUE.
Confirmed‐ LocalizedText True / False O ConfirmedState indicates whether it re‐
State quires confirmation.
EnabledState Localized text True / False M Always set to true

Functionality
5.4 Alarms

MERIK
Acknowledge Not supported M Not Supported and the return error code
shall be Bad_MethodInvalid.
Confirm O The Confirm Method is used to confirm an
Event Notifications for a Condition instance
state where ConfirmedState is FALSE.
Normally, the NodeId of the object instance
as the ObjectId is passed to the Call Serv‐
ice. However, some Servers do not expose
Condition instances in the AddressSpace.
Therefore all Servers shall also allow Cli‐
ents to call the Confirm Method by specify‐
ing ConditionId as the ObjectId. The Meth‐
od cannot be called with an ObjectId of the
AcknowledgeableConditionType Node.
Additional attributes of the CncAlarmType

The CNCAlarmType is defined in the VDW Companion Specification “OPC UA Information
Model for CNC Systems”.

MERIK
AlarmIdentifi‐ String Unique Alarm id. M Unique alarm number. This mapped to
er Alarm ID.
AuxParame‐ String All available (out of 10) parame‐ M 10 Auxilliary parameter values provided by
ters ters will be displayed in ‘ ‘ separa‐ SINUMERIK system.
ted value.
5.4.5 Language of alarms
5.4.5.1 OPC UA language specification

The OPC UA server has a built-in data type "LocalizedText" to store the language specific
alarm text. This data type defines a structure containing a string in a locale-specific translation
specified in the identifier for the locale. The elements are defined in the table below :-
Name Type Description

LocalizedText structure
text String The localized text.
locale LocaleId The identifier for the locale (e.g. “en-
US”).
The "LocaleId" is a simple data type that is specified as a string that is composed of a language
component and a country/region component as specified by IEEE 754-1985 (http://
standards.ieee.org/findstds/interps/index.html), IEEE Standard for Binary Floating-Point
Arithmetic. The <country/region> component is always preceded by a hyphen.

Functionality
5.4 Alarms
The format of the LocaleId string is shown below:

<language>[-<country/region>]
● <language> is the two letter ISO 639 code for a language
● <country/region> is the two letter ISO 3166 code for the country/region
For more information, refer to the specification OPC UA Part3 - Address Space Model 1.03
Specification.pdf
5.4.5.2 SINUMERIK language specification

The SINUMERIK system currently supports 31 languages which are mentioned below. These
languages are identified by the 3-letter abbreviation that follows Microsoft conventions.
Note
In the list of languages that are mentioned, not every language is supported always.
5.4.5.3 Mapping of SINUMERIK LanguageID with OPC UA LocaleID

Mapping of the SINUMERIK LanguageID with the OPC UA specific LocaleId for each of the
supported languages.
Language SINUMERIK LanguageID OPC UA Specific LocaleId

German - Germany deu de-DE
English - United Kingdom eng en-GB
Chinese (Simplified) chs zh-CHS
Chinese (Traditional) cht zh-CHT
Czech - Czech Republic csy cs-CZ
Danish – Denmark dan da-DK
Bulgarian - Bulgaria bgr bg-BG
Greek – Greece ell el-GR
Spanish – Spain esp es-ES
Finnish – Finland fin fi-FI
French – France fra fr-FR
Hindi – India hin hi-IN
Croatian – Croatia hrv hr-HR
Hungarian – Hungary hun hu-HU
Indonesian – Indonesia ind id-ID
Italian – Italy ita it-IT
Japanese - Japan jpn ja-JP
Korean – Korea kor ko-KR
Malay – Malaysia msl ms-MY
Dutch - The Netherlands nld nl-NL
Polish – Poland plk pl-PL
Portuguese - Brazil ptb pt-BR

Functionality
5.4 Alarms
Language SINUMERIK LanguageID OPC UA Specific LocaleId

Romanian - Romania rom ro-RO
Russian – Russia rus ru-RU
Slovak – Slovakia sky sk-SK
Slovenian – Slovenia slv sl-SI
Swedish – Sweden sve sv-SE
Tamil – India tam ta-IN
Thai – Thailand tha th-TH
Turkish – Turkey trk tr-TR
Vietnamese - Vietnam vit vi-VN
In the above list “OPC UA Specific LocaleId” is used by the OPCU UA client to connect with
the server.
5.4.6 OPC UA alarms and conditions constraints

Below are the features which are not supported in this version:
● Acknowledgements and confirmation of the alarms.
● Part program messages
● Only alarm text will be available in localized text. All other attributes will be available in
English only.

Functionality
5.4 Alarms
5.4.7 OPC UA alarms and conditions client
User interface
The figure and table below describes the user interface of the UaExpert client example with
which the information of the namespace of an OPC UA server can be conveniently accessed.
① The Alarm window

② Displays the received events with preconfigured event fields. The standard event fields are:
● In the Events tab: Time, ReceiveTime, Severity, SourceName, Message, EventType and
SourceNode
● In the Alarms tab: AcknowledgeState, Time, Severity, SourceName, Message,
ConditionName, ActiveState and Retain Flag
③ In the first column of the Alarm tab, a symbol indicates whether an event has already been
Acknowledged. (red flag: unacknowledged, green checkmark: acknowledged)
④ The Alarm / Event Subscription View
⑤ Alarm / Event Instances:
The user needs to subscribe to these instances (by dragging or by configuring).
Figure 5-9 User interface UaExpert client

Functionality
5.4 Alarms
5.4.8 OPC UA multi-language alarms and conditions client

The OPC UA client must explicitly provide the OPC UA specific language "LocaleId" to change
the alarm texts. Below is an example of changing the client language using OPC UA foundation
stack client.
Figure 5-10 OPC UA multi-language alarms and conditions client using 　OpcUa foundation .Net
Client
In the case of UaExpert client proceed as follows:

1. Open the “Configure UaExpert” window under "Settings" Tab in the client
2. Provide the OPC UA specific "LocaleId" as value for the parameter "General.LocaleId".
3. Then connect to the server.
Figure 5-11 Client User Interface for changing Session Language

Functionality
5.4 Alarms
Language OPC UA Specific LocaleId

German - Germany de-DE
English - United Kingdom en-GB
Chinese (Simplified) zh-CHS
Chinese (Traditional) zh-CHT
Czech - Czech Republic cs-CZ
Danish – Denmark da-DK
Bulgarian - Bulgaria bg-BG
Greek – Greece el-GR
Spanish – Spain es-ES
Finnish – Finland fi-FI
French – France fr-FR
Hindi – India hi-IN
Croatian – Croatia hr-HR
Hungarian – Hungary hu-HU
Indonesian – Indonesia id-ID
Italian – Italy it-IT
Japanese - Japan ja-JP
Korean – Korea ko-KR
Malay – Malaysia ms-MY
Dutch - The Netherlands nl-NL
Polish – Poland pl-PL
Portuguese - Brazil pt-BR
Romanian - Romania ro-RO
Russian – Russia ru-RU
Slovak – Slovakia sk-SK
Slovenian – Slovenia sl-SI
Swedish – Sweden sv-SE
Tamil – India ta-IN
Thai – Thailand th-TH
Turkish – Turkey tr-TR
Vietnamese - Vietnam vi-VN

Functionality
5.5 File system
5.5 File system
5.5.1 Overview
SINUMERIK OPC UA supports the standard OPC UA file and folder objects, which allows
transfer of files as well as the manipulation of the file systems.
Furthermore, the server offers 2 comfort methods to copy NC part programs from the OPC UA
client to the OPC UA server and vice versa. Due to the nature of the method this comfort
methods are limited to a file size of 16 MB. For bigger files please use the file and folder objects
as described in chapter File transfer exceeding 16 MB between client and server (Page 79).
Operations
This allows an OPC UA client to use the following operations within the part of the SINUMERIK
file system:
1. Create files/directories
2. Copy files/directories
3. Moving files/directories
4. Deleting files/directories
5. Renaming files/directories
File system
The standard OPC UA file system is placed in the SINUMERIK folder and the file structure of
the NCU is as shown below:
1. Part Programs
2. Sub Programs
3. Work Pieces
4. NCExtend (External CF Card/internal CF Card)
Note
For 840D sl
For NCU, external CF Card/internal CF Card is supported.
For IPC/PCU, SSD/Harddisk is supported.
5. ExtendedDrives (USB/Networkshare)
Note
The ExtendedDrives folder will only be displayed if there are external drives available.
Please keep in mind that a licence my be required to use these external drive.

Functionality
5.5 File system
Note
NCExtend and ExternalDrives option is supported for SINUMERIK Operate version 4.7 or later.
Figure 5-12 The file system
5.5.2 Prerequisites
The OPC UA server allows the OPC UA client to support the transfer of files between the client
and the server.

Functionality
5.5 File system
As a user, you will require user access rights to access these files from the server. The access
rights are provided using the "GiveUserAccess" method. The following access rights can be
provided for the file system (also see chapter List of rights (Page 44)):
● FsRead for the standard file system methods like Open, GetPosition, Read as well as the
CopyFileFromServer method.
● FsWrite for the standard file system methods like CreateDirecotry, CreateFile, Delete,
MoveOrCopy, Write, SetPosition, Close as well as the CopyFileToServer method.
Figure 5-13 Standard Method

Functionality
5.5 File system
5.5.3 Standard file system support
5.5.3.1 File transfer with standard methods

The SINUMERIK OPC UA server supports the "FileType"/"FolderType" as described in the
OPC UA Specification Part 5, which allows manipulating files and folders via OPC UA.
Folder methods
The folders, "Part Programs", "Sub Programs", "Work Pieces", "NCExtend", and
"ExtendedDrives" are of the "FolderType", which contain the following methods:
Method/Attribute Description
CreateDirectory To create new folders under parent folder.
CreateFile To create new file under parent folder.
Delete To delete folder and file under parent folder.
MoveOrCopy To copy or move files from source to destination
within server filesystem.
You can create, delete, move or copy folders and files using the above methods. When you
create a new folder using "CreateDirectory"’, a new node will be created with "FolderType"
and name provided by the user in OPC UA client. This folder contains all methods and attributes
specified in above table.
The node in the address space, under which the "CreateDirectory" method is called, is the
"parent" node of the new folder node.
The folder methods exist under all folder type objects in the file system. Please note that you
must always call the method under the direct parent node of the file or folder.
For the methods "Delete" and "MoveOrCopy" you must always provide the full identifier of the
node to be moved, copied or deleted.
Whenever you create a new file using the method "CreateFile", a new node will be created
with "FileType" with a user provided name. This file again contains all methods and attributes
specified in the table above. The node in address space, under which the "CreateFile" method
is called, is the "parent" node of the new file node. For specific information for the described
methods, check the Typedefinition in the OPC UA Specification Part 5.
Examples for the usage of the folder methods
Use Case Where to call Input parameter

CreateDirectory Method must be called under the node Folder name
where the files should be created (e. g.
"SINUMERIK/FileSystem/Part Pro‐
grams/")
CreateFile Method must be called under the node Filename incl. file extension (e. g. "My‐
where the files should be created (e. g. PartProgram.mpf")
"SINUMERIK/FileSystem/Part Pro‐
grams/")

Functionality
5.5 File system
Use Case Where to call Input parameter

Delete Method of the direct parent node of the Identifier of the file/folder (e. g. "SINU‐
file/folder to be deleted must be called MERIK/FileSystem/Part Programs/Test/
(e. g. to delete a file located under "SIN‐ MyPartProgram.mpf")
UMERIK/FileSystem/Part Programs/
Test" the method of the folder "Test"
must be called)
MoveOrCopy Method of the direct parent node of the Identifier of the source file/folder as well
file/folder to be moved or copied must as identifier of the target folder (e. g.
be called (e. g. to move or copy a file Mover or copy the file "MyProgram.mpf"
located under "SINUMERIK/FileSystem/ from the folder "Test" to the folder "Part
Part Programs/Test" the method of the Programs"
folder "Test" must be called) Source: "SINUMERIK/FileSystem/Part
Programs/Test/MyPartProgram.mpf"
Target: "SINUMERIK/FileSystem/Part
Program/MyPartProgram.mpf")
File methods
All files which are in the above mentioned folders will be of the "FileType" type and consist of
the following methods and properties:
Method/Attribute Description
Open Opens the file either in read/write mode.
Read Reads contents of the file.
Write Writes data to the file. (if write permission is avail‐
able)
Close Closes the file. (succeeds if file is open)
GetPosition Gets the position of current position of file pointer
while file read/write operation.
SetPosition Sets the position of current position of file pointer
while file read/write operation.
OpenCount Gives the number of file open instances.
Size Gives the file size details.
UserWritable Set to true if current user has access to modify the
content of the file.
Writable Set to false if the file is read only.
Whenever you create a new file using the method "CreateFile", a new node will be created
with "FileType" type with a user provided name. This file again contains all methods and
attributes specified in the table above. The node in address space, under which the
"CreateFile" method is called, is the "parent" node of the new file node. For specific information

Functionality
5.5 File system
for the described methods, check the type definition in the OPC UA Specification Part 5 Annex
C.
Note
No multiple extensions supported
The methods "CreateFile","CopyFileToServer", "CopyFileFromServer" and "MoveOrCopy" will
not support files with multiple extensions (i.e. test.mpf.mpf).
5.5.3.2 File transfer exceeding 16 MB between client and server

For file transfer, the OPC UA specification v1.0X, Part 5, Annex C offers the use of file and
folder object methods.
How can a file transfer be implemented in a client using the file and folder object methods?
The basic idea is to open a file and copy the content from location A to B and then close the
file.
Therefore to copy a file from the SINUMERIK to an OPC UA client the client needs to do the
following:
● Open the file on the SINUMERIK via the Open method,
● then pass the received handle to the Read method and operate on arrays of bytes,
● then close the file via the Close method.
For the other direction, the file has to be created on the SINUMERIK file system first, using
the Create method.

Functionality
5.5 File system
23&8$&OLHQW 23&8$&OLHQW)LOH7\SH 23&8$6HUYHU)LOH7\SH 23&8$6HUYHU
2SHQPRGH
ILOH+DQGOH
WHVWPSI
ILOH+DQGOH
5HDGILOH+DQGOHOHQJWKGDWD
)LUVW1GDWD
1!LWFDQGLIIHU
'DWD GHSHQGLQJRQWKHFOLHQW
VHWWLQJV
'DWD 1H[W1GDWD
WHVWPSI
'DWD
,IWKH%\WH6WULQJLV
HPSW\LWLQGLFDWHVWKDW
WKHHQGRIWKHILOHLV
'DWD UHDFKHG
&ORVHILOH+DQGOH
Figure 5-14 File transfer from server to client using standard file system methods

Functionality
5.5 File system
23&8$&OLHQW 23&8$&OLHQW)LOH7\SH 23&8$6HUYHU)LOH7\SH 23&8$6HUYHU
2SHQPRGH
ILOH+DQGOH
ILOH+DQGOH
:ULWHILOH+DQGOHOHQJWKGDWD )LUVW1%\WHGDWD

1!LWFDQGLIIHU
GHSHQGLQJRQWKHFOLHQW
VHWWLQJV
:ULWHILOH+DQGOHOHQJWKGDWD
WHVWPSI 'DWD
1H[W1%\WHGDWD
:ULWHILOH+DQGOHOHQJWKGDWD
/DVW1%\WHGDWD
'DWDZULWWHQWRILOH
&ORVHILOH+DQGOH
WHVWPSI
7KHVHVVLRQLVHQGHG
ZLWKRXWFDOOLQJWKH&ORVH
PHWKRG
'DWDZLOOEHORVW
Figure 5-15 File transfer to server from client using standard file system methods
5.5.3.3 Comfort methods for file transfer < 16 MB

In addition to the standard file system, two additional methods are provided to transfer files
from server to client and vice versa.
Note
With these methods, you will be able to transfer maximum of 16 MB by default, depending on
the client settings. As the maximum ByteString and message size depends on the server and
client-side stack limit. For file transfer more than 16 MB, it is recommended to use OPC UA
standard file transfer methods.

Functionality
5.5 File system
Figure 5-16 Methods for the file transfer

Functionality
5.5 File system
Procedure and Example

1. CopyFileFromServer:
– Allows copying file from SINUMERIK OPC UA server to client location.
– The user shall provide the name of the file with full path to be copied.
– On completion of the file transfer, an appropriate message will be displayed.
Type Data type Argument Description

Input parameter string SourceFile Name of the file need
to be copied with abso‐
lute path.
Output parameter ByteString Data Raw file data
2. CopyFileToServer:
– Allows copying a client file to a specified SINUMERIK NC memory location.
– The user shall select the file to be transferred and specify the location on server.
Type Data type Argument Description

Input parameter string TargetFilename Target file name with
absolute path
Input parameter ByteString Data Raw file Data
Input parameter Boolean Overwrite Overwrite True: Overwrite the file
if already exists. False:
File will not be overwrit‐
ten.
For example:
The complete path of the files can be provided as below:
● Sinumerik/FileSystem/Part Program/partprg.mpf
● Sinumerik/FileSystem/Sub Program/subprg.spf
● Sinumerik/FileSystem/Work Pieces/wrkprg.wpf
● Sinumerik/FileSystem/NCExtend/Program.mpf
● Sinumerik/FileSystem/ExtendedDrives/USBdrive/Q3.mpf

Functionality
5.6 Select
5.6 Select
5.6.1 Overview
The "Select" method is provided under "Methods > Filehandling" in the address space, which
allows the selecting of a part program from the NC file system. You can call this method and
select the file to be executed by providing the node identifier of the file in address space and
the channel number.
By calling this method, you can only select the program for execution and not start the execution
of the program itself.

Functionality
5.6 Select
5.6.2 Description
You are allowed to select the part program file for execution from the NC file system and
external memory, which includes "local drive", "USB" and "network share". As part of the file
system feature, the NC file system is exposed in the OPC UA address space.
There are two input values to be provided to call the "Select" method.
● Node identifier of the file to be selected for execution.
● Channel number.
Each part program file on the file system is associated with a node identifier in the OPC UA
address space and is provided as the input. Only one part program can be selected for a
channel. An error will be displayed otherwise.
Status code is an output parameter which indicates the error code in case of failures.
5.6.3 Input and output arguments

Signature of the method "Select" is as follows:
Select (
[in] string SourceFileNodeId,
[in] int32 ChannelNumber,
[out] int32 Status Code)
Argument Description
SourceFileNodeId Represents the node identifier of the file with absolute path
(which is selected for execution).
Channel Number A number which represents the channel to be used while pro‐
gram execution.

Functionality
5.6 Select
Prerequisites
● Channel to be used during program execution must be in the state "Reset".
● User with "ApWrite" access right can call "Select" method. If the user does not have the
access "ApWrite" and tries to call "Select" method, it fails and server will return with OpcUa
status "BadUserAccessDenied".
Note
The access right for the user is provided using the "GiveUserAccess" method.
Status Code of the method call

The following table gives details on values and description on the status of the "Select" method
call. As part of output argument, the result code (value) is displayed in the OPC UA client.
Status Code (value) Description

0 Successful
1 Channel does not exist
2 Part Program cannot be found
3 Channel is not in Reset
4 Target rejected requested action.
Note
No file restriction
Notice that a file with any extension is allowed to be selected through OPC UA "Select" method.
OPC UA does not restrict selecting files with any file extension.
Joblists cannot be selected.
OPC UA Status
The following table gives details on values and description of the OPC UA method call status:
Result Description
Succeeded Method is executed with success/failure.
OpcUa_BadInvalidArgument Invalid inputs are provided.
OpcUa_BadUserAccessDenied User does not have permission to invoke the method.

Functionality
5.6 Select
5.6.4 Example call
Procedure
1. Look for the NodeID of the particular part program you want to select (for example
"NC_PROG1.MPF").
2. Navigate in the "File System" node until you reach the particular file.
Figure 5-17 Finding of NodeID
3. Specify the NodeID and the channel number in the call of the method.
Figure 5-18 Arguments of select method
The particular part program will be selected.

Functionality
5.7 Tool management
5.7 Tool management
5.7.1 Description
The OPC UA server supports the creation and deletion of tools and cutting edges. The methods
for this operation can be found under "Sinumerik > Methods > ToolManagement" folder.
Following are the four methods present in "ToolManagement" folder:
● CreateTool
● DeleteTool
● CreateCuttingEdge
● DeleteCuttingEdge
Example calls
For example calls of the provided methods, please refer to the shown screenshots of
OpcFoundation Client.

Functionality
5.7 Tool management
Prerequisites
User with "ToolWrite" access right can call "ToolManagement" methods. If the user does not
have the access "ToolWrite" and tries to call "ToolManagement" methods, it fails and server
will return with OpcUa status "BadUserAccessDenied".
Note
The access right for the user is provided using the "GiveUserAccess" method.
5.7.2 CreateTool
The "CreateTool" method is used to create a new tool with a special T-number in Tool List
section of the SINUMERIK, and appears under the folder “Methods/ToolManagement”. The
CreateTool method does not contain the settings of tool parameters. The tool parameters e.g.:
tool type, cutting edge date etc. are set via data access functions.
The CreateTool method has two input parameters and one output parameter.
Signature:
CreateTool(
[in] string ToolArea
[in] string ToolNumber
[out] Uint32 StatusCode
)

Functionality
5.7 Tool management
The following table will give details about the parameters of the method:
Type Parameters Description

Input Tool Area Input parameter to enter tool area.
Input Tool Number 5 digit number given to the created
tool.
For range of number please refer to
828D or 840D sl documentation re‐
spectively.
Output Status Code A number which gives a feedback if
the method was executed success‐
fully or not.
The method returns a value which indicates whether the creation was successful or not. If the
creation was not successful the return value will give information about the reason of the failure.
Status code
The status code is the result of the requested action which is a number as shown in the table
below:
Status Code Reason

0 OK.
1 Tool area does not exist.
2 Tool number out of range.(Reason wrong param‐
eter)
3 Tool number exists already.
4 Maximum number of tools reached.
Method Result Codes
Result Description
Succeeded Method executed with success/failure reason.
BadInvalidArgument Arguments provided are not correct.
BadUserAccessDenied "ToolWrite" access is not provided.
5.7.3 DeleteTool
The "DeleteTool" method is used to delete an existing tool in Tool List section of the
SINUMERIK, and appears under the folder “Methods/ToolManagement”.
The method deletes the tool with all cutting edges in all data blocks where it is saved.
DeleteTool(

Functionality
5.7 Tool management

)
The following table will give details about the Parameters of the method:

Input Tool Area Input parameter for the end user
to enter tool area.
Input ToolNumber 5 digit number which is to be de‐
leted.
For range of number please refer
to 828D or 840D sl documenta‐
tion respectively.
Output StatusCode A number which gives a feed‐
back if the method was executed
successfully or not.
The method returns a value which indicates whether the delete was successful or not. If the
delete was not successful the return value will give information about the reason of the failure.
Status code
If the deletion of the tool was not successful the return value will give information about the
reason of the failure which are explained in the table below.
StatusCode Description
0 OK.
1 Tool area does not exist.
2 Tool number out of range.(Reason wrong param‐
eter)
3 Tool does not exist.
6 Tool active.(Reason tool in use)
Method Result Codes

The Result return "Succeeded" when the method is correctly executed and the StatusCode
gives the reason of Success/Failure.

Functionality
5.7 Tool management
It returns "BadInvalidArgument", if inputs are not according to OPC UA standards.
Result Description
5.7.4 CreateCuttingEdge
The "CreateCutting Edge" method is used to create a new cutting edge of an existing tool in
“Tool List” section of the SINUMERIK. The next superior free D number will be created.
The ”CreateCuttingEdge” method appears under the folder “Methods/ToolManagement”. This
method does not contain the settings of cutting edge parameters.
The CreateCuttingEdge method has two inputs and two output parameters.
Signature:
CreateCuttingEdge(
[out] Uint32 DNumber
)
The following table will give details about the parameters of the method:

Input Tool Area Input parameter to enter tool
area.
Input Tool Number 5 digit number which is to be de‐
leted.
tion respectively.

Functionality
5.7 Tool management

Output DNumber Cutting Edge Number of the tool.
Output Status Code A number which gives a feed‐
The method returns a value which indicates whether the creation was successful or not. If the
creation was successful the DNumber under which the new cutting edge was created will be
returned. If the creation was not successful the return value will give information about the
reason of the failure.
Status code
The status code is the result of the requested action and is represented by a number, as shown
in the table below:
Status Code Reason

0 OK.
2 Tool number out of range.
4 Maximum cutting edges reached no more cutting
edges.
5 There is no tool for which edge can be created.
(Reason wrong tool area or tool number)
Method Result Codes
Result Description
5.7.5 DeleteCuttingEdge
The "DeleteCuttingEdge" is used to delete a cutting edge of an existing tool in "Tool List"
section of the SINUMERIK. This method appears under the folder "Methods/
ToolManagement".
The DeleteCuttingEdge method has three input and one output parameters.
Signature:
DeleteCuttingEdge(
[in] string CuttingEdgeNumber

Functionality
5.7 Tool management
Following table will give details about the Parameters of the method:

Input Tool Area Input parameter to enter tool
area.
Input Tool Number Tool number of an existing tool
whose cutting edge is to be de‐
leted.
Input Cutting Edge Number 5 digit number which is to be de‐
leted.
tion respectively.
Output Status Code A number which gives a feed‐
The method should return a value which indicates whether the delete was successful or not.
If the delete was not successful the return value should give information about the reason of
the failure.
Status code
The status code is the result of the requested action which is a number as shown in the table
below:
Status Code Reason

0 OK
2 Tool number out of range.
4 Cutting edge does not exist.
5 There is no tool for which edge can be deleted
(Reason wrong tool area or tool number)
6 Tool active. (Reason tool in use)
7 The first cutting edge cannot be deleted.

Functionality
5.7 Tool management
Method Result Codes
Result Description

Functionality
5.7 Tool management

Diagnostics 6
6.1 Overview
Overview
The OPC UA server offers a variety of diagnostics information, as described in the OPC UA
Standard Part 5 - "Information Model", Chapter 6.
This diagnostics information can be found under the Server Node:
Figure 6-1 Diagnostics Information - Server Node

Diagnostics
6.2 Diagnostics screen
Requirement
Note
To show the correct status of OPC UA server you must have at least one type of message
encryption (128 bit or 256 bit) enabled.
Diagnostics screen
Additional to the server diagnostic information available via OPC UA, there is a SINUMERIK
Operate screen, which shows the actual status of the OPC UA server.
To open the diagnostics screen, select the operating area "Startup > Network" in
SINUMERIK Operate, then press the "OPC UA" softkey. The OPC UA status screen is the
first screen to be displayed.
Figure 6-2 Diagnostics

Diagnostics
Value Description Further explanation

Server IPs Server IPs and ports of the company network,
systems network or service network where the
OPC UA server is accessible
Server status Possible status of the server: There are too many sessions used
● Ok (server up and running) by other clients. External clients are
allowed to create 5 sessions with
● Not activated (OPC UA server deactivated) 828D and 10 sessions with 840D sl.
● No connection can be set up (error within The session limitation is 6 and 11,
the OPC UA server) respectively, to have one more ses‐
● No more sessions possible. All sessions are sion for the status client.
in use by other clients. The status screen
cannot create a session.
Connected cli‐ Clients which are connected to the server
ents Example:
● MD1EXMQC: remote PC of the client
● SiemensAG:OpcUaTestsApp: URN of the
application of the remote PC
● 10788… Session ID
● OpcUaTestConsole: Session Name
Subscription Utilized capacity of the OPC UA server regard‐
load ing possible subscriptions (see chapter Techni‐
cal data (Page 107)), not the overall load.

Diagnostics
6.3 OPC UA server version
OPC UA server version

OPC UA server version and OPC UA dialog version information can be found in SINUMERIK
OPERATE version screen.
1. Open SINUMERIK OPERATE and choose operating area "Diagnostics". Press the softkey
"Version".
2. Select “System extensions" and press softkey "Details".
Figure 6-3 Version data

Diagnostics
Figure 6-4 Version data / system extensions
The OPC UA entry is found.

3. Select the entry and press "Details" again to show more detailed information on OPC UA
components.

Diagnostics

Update of OPC UA server 7
7.1 Overview
Compatibility
This version of OPC UA server is supported by SINUMERIK 840D sl and SINUMERIK 828D.
An update process is possible with the following SINUMERIK software versions:
● Software line 4.5: with versions ≥ V4.5 SP4.
SINUMERIK Create MyConfig (CMC)

The necessary update (CMC) file can be provided by your regional SIEMENS office.

Update of OPC UA server
7.2 Compatibility
7.2 Compatibility
Compatibility
Below are the compatibility issues of OPC UA:
● Password
The Password length has changed to min. 8 characters.
● User rights
– The behavior in setting “SinuReadAll” and “SinuWriteAll” is different from previous
versions.
– Different from previous version is that removing the right “SinuReadAll” will remove all
read rights. In previous versions additionally added read rights have not been deleted
with removing “SinuReadAll”.
Same applies to “SinuWriteAll”.
Note
If you face any other compatibility issues or for further details, refer to hotline (https://
support.industry.siemens.com/cs/sc/2090/).

7.3 Installation of OPC UA server
OPC UA - Server update

The installation procedure of the OPC UA server varies depending whether a PCU or a PPU/
NCU is being used. Below are the instructions for both options:
See also
Update of OPC UA server (Page 111)
7.3.1 Installation/Upgrade on a PCU/IPC

1. Load OPC UA software (OpcUaDeployWindows_XXX.XXX.exe) on USB stick.
2. Start PCU in the service mode.
3. Insert USB stick in USB port of operator panel.
4. Start Windows Explorer.
5. Navigate to .exe file and execute it.
6. Follow the installation instructions.
7. After successful installation, restart the PCU.
Note
If OPC UA was active before the installation, users and rights are being preserved.
7.3.2 Installation/Upgrade a PPU/NCU
Note
Different installation procedure for 828D / V4.5
Please not that the server update procedure for 828D with CNC software version V4.5 varies
from the standard process below (see chapterUpdate of OPC UA server (Page 111)).
1. Load OPC UA software (OpcUaDeployLinux_XXX.XXX.usz) on a bootable USB stick.

2. Insert USB stick in USB port of NCU/PPU.
3. Switch off NCU/PPU and switch it on again.
4. Follow the installation instructions.
5. After successful installation, restart the NCU/PPU.

Note
If OPC UA was active before the installation, users and rights are being preserved.

Technical data 8
Technical data
Description Value
Number of sessions 1)
828D 5
840 D sl 10
Number of subscriptions 2)
828D 5
840D sl 10
Maximum samples / second 828D 500 1/s
840D sl 1000 1/s
Min. sampling interval 100 ms
Sampling intervals {100, 250, 500, 1000, 2500, 5000} ms
Min. publishing interval 100 ms
Publishing intervals {100, 250, 500, 1000, 2500, 5000} ms
Max. number of users 20
Max. lifetime interval (LifeTime Count) 3600000 s
Session timeout 60 s
Max. monitored items queue size (Subscription 10000
Queue size)
1) Session = Connection of a client to a server

2) Subscription = In an existing session a subscription is a functionality for monitoring data items.
Calculating maximum subscription load

The maximum number of monitored items (Page 59) depends on the update time of the
subscriptions. Therefore the max. number of monitored items can be calculated as down below.
The maximum subscription load is calculated from the load imposed to the system by the
sample rate of all monitored items from all subscriptions of all active sessions.
Max number of monitored items = Systemload / Updates per second
Updates per second = 1 / Sampling rate (in seconds)
Systemload SINUMERIK 840D sl = 1000 items/s
Systemload SINUMERIK 828D = 500 items/s

Technical data

Exceptions: 828D / V4.5 9
The following chapter describes the exceptions regarding 828D control with CNC software
version V4.5.

Exceptions: 828D / V4.5
9.1 Starting of configuration dialog
9.1 Starting of configuration dialog

Because of certain prerequisites of this software version, it was not possible to implement the
startup of the OPC UA configuration dialog with 828D and V4.5 the same way as in prior
software releases. Therefore you reach the OPC UA configuration dialog via a different way:
Executing the OPC UA configuration dialog

1. Press “menu select”. The operating area will appear.
Figure 9-1 Operating area
2. Press the softkey ">". The second operating area will appear.
Figure 9-2 Operating area
3. Press the softkey "OPC UA". The settings dialog will appear.
Note
The operating of the settings dialog is explained in chapter Commissioning (Page 21).

9.2 Update of OPC UA server

The update procedure for 828D with CNC software version V4.5 varies from the standard
update procedure described in chapter Installation of OPC UA server (Page 105).
Prerequisite
A .tgz file (e. g.: hmi_sl_opcua_02.02.00.00.007.tgz) is provided on an USB stick.
Installation of OPC UA server

1. Power on the control.
2. Go to "Startup menu" (press "Select" button when a message appears on the screen).
Figure 9-3 Startup menu
3. Press key "^", then 2nd horizontal softkey, then 2nd vertical softkey to get to extended
"startup menu".
Figure 9-4 Extended startup menu
4. Plug in the USB drive with the provided .tgz file at the front of the 828D control.

5. Select "Install software update/backup".
Figure 9-5 Install software update/backup
6. Confirm the popup message with "Yes".
Figure 9-6 Confirmation message
7. Select the package to install.

The OPC UA dialogs will become available after power off/on.

Trouble shooting 10
10.1 Frequently asked questions (FAQs)
Topic Question Possible solution

Setup dialog is not displayed The OPC UA setup dialog will not be dis‐ Possibly the SINUMERIK operating area
correctly played correctly after installation or not to that "Setup" has already been extended by OEM
extent as described in documentation. What dialogs (function: slsudialog_oem xml). This
can I do? may cause incorrect functioning of the OPC
UA setup dialog in software versions < 4.8
SP2.
● Please contact your regional SIEMENS
office or the technical support (https://
support.industry.siemens.com/cs/sc/
2090/).
OPC UA client has no con‐ In spite of correct commissioning my OPC UA If no connection is possible, though you have
nection client cannot connect. What can I do? operated the commissioning of the OPC UA
server thoroughly, it is recommended to re‐
store factory settings of the OPC UA server.
Proceed as follows:
● Deactivate OPC UA in the setup dialog
● Switch off PCU/NCU/PPU and on again
● Activate OPC UA again in the setup dialog
● Switch off PCU/NCU/PPU and on again
The server cannot be found by the client. ● Check whether the IP address of the
What can I do? networking dialog is compatible to those
of the OPC UA dialog.
● If the IP addresses are not compatible,
press "Change" in the OPC UA setup
dialog. The new addresses will be directly
transferred into the setup dialog.
● Confirm with "Ok" and restart the
SINUMERIK.
The connection the server should function
properly now.
The OPC UA server status shows OK but the ● Reboot the control in order to activate all
client is not able to connect. What can I do? necessary firewall settings (e.g.: port
number changed).
OPC UA client cannot con‐ ● Certificate user is created Please check date and time of the target sys‐
nect as certificate user tem. In case the target system time is not
● Certificate for certificate user is trusted
within the period of validity (valid from – valid
● OPC UA client cannot connect as to) of the client certificate, the connection gets
certificate user refused (BadIdentityTokenRejected).

Trouble shooting
File Sysytem

File System How to use "CreateDirectory" method? The OPC UA server can create a folder with any extension or
with no extensions in the USB drive, network share, and local
drive. However in the NC drive, we can create an extension
with "DIR" only.
How to use "CreateFile" method? The "CreateFile" method is used to create a new file. The
created file can be written using the "Write" method of the
FileType. The OPC UA server can create file without exten‐
sion in the USB drive, network share, and local drive but not
in the NC memory.
How to use "Delete" method? ● The "Delete" method is used to delete a file/directory. The
OPC UA server will not allow to delete the file if the file is
opened for the file operation. You must close the file
handle to delete the file. In case of directory, all the file
and directory objects below the directory to delete are
deleted recursively.
● A file which is selected for execution or a folder which
contains the selected file are not allowed to be moved.
However if the file is moved there is a possibility that an
empty file will be created.
How to use "MoveOrCopy " method? ● The "MoveOrCopy" method is used to move or copy a file/
directory to another directory or to rename a file/directory.
● The OPC UA server can move any file or folder without
extension in the USB drive, network share, and local drive
but not in the NC memory. In the NC memory, a folder with
the extension "DIR" can only be allowed to be moved to
the NC memory.
● The OPC UA server will not allow to move the folder if the
file is opened for the file operation.
● A file which is selected for execution or a folder which
contains the selected file, are not allowed to be moved.
However if the file is moved there is a possibility that an
empty file will be created.
How to use "Open " method? When a client opens a file, it gets a file handle that is valid
while the session is open. Clients shall use the "Close" meth‐
od to release the handle when they do not need access to the
file anymore. Clients can open the same file several times for
read.
How to use "Read " method? The "Read" method is used to read a part of the file starting
from the current file position. The file position is advanced by
the number of bytes read. The data contains the returned data

Trouble shooting

of the file. If the ByteString is empty, it indicates that the end
of the file is reached.
How to use "Write " method? The "Write" method is used to write a part of the file, starting
from the current file position. The file position is advanced by
the number of bytes written. When the client session is closed,
all the open file handled will be closed for the respective ses‐
sion. In this scenario, if there is any existing file opened with
write mode or append mode, the current data will be lost.
How to use "Close " method? The "Close" method is used to close a file represented by a
FileType. When a client closes a file, the handle becomes
invalid.
How to use "GetPostion " method? The "GetPosition" method is used to provide the current posi‐
tion of the file handle. If a "Read" or "Write" method is called,
it starts at that position.
How to use "SetPosition " method? The "SetPosition" method is used to set the current position
of the file handle. If a "Read" or "Write" method is called, it
starts at that position. If the position is higher than the file size,
the position is set to the end of the file.
Does OPC UA standard file system support No, only the default machine name is mapped (target system
1:N constellation? PCU only).

Trouble shooting
10.2 Reference to OPC UA error code
10.2 Reference to OPC UA error code

You can find all relevant information on error codes at Github (https://github.com/
OPCFoundation/UA-Nodeset/blob/master/DotNet/Opc.Ua.StatusCodes.cs).
Technical Support
Country-specific telephone numbers for technical support are provided in the Internet at the
following address (https://support.industry.siemens.com/cs/sc/2090/) in the "Contact" area.

Index
A D
Accessibility, 11 Data types, 52
AddCertificateUser, 42 Delete
Address space, 48 method, 77
GUD, 48 DeleteCuttingEdge, 93
machine data, 48 Method Result Codes, 93
PLC blocks, 48 Parameters, 93
setting data, 48 Status code, 93
AddUser, 42 DeleteTool, 90
Alarms Method Result Codes, 90
CnCAlarmType, 64 Parameters, 90
Event types, 63 Status code, 90
sequence, 62 DeleteUser, 42
subscribe, 61 DeleteUserAccess, 43
unsubscribe, 62 Deleting
Application scenario, 11 rejected certificates, 34
trusted certificates, 32
development kit, 9
B
Browsing, 48
E
Encryption, 10
C Exporting
server certificates, 30
ChangeMyPassword, 42
Checking the time, 21
Client, 9
Close
F
method, 78 File access rights, 75
CopyFileFromServer Functionalities, 10
method, 83
CopyFileToServer
method, 83 G
Create tool, 89
GetMyAccessRights, 43
Method Result Codes, 89
GetPosition
Parameters, 89
method, 78
Status code, 89
GetUserAccessRights, 43
CreateCutting Edge, 92
GetUserList, 42
Method Result Codes, 92
GiveUserAccess, 45
Parameters, 92
Status code, 92
CreateDirectory
method, 77
I
CreateFile Importing
method, 77 trusted certificates, 32
Industry 4.0, 9

Index
L P
Language identifier, 69 PCU / IPC, 11
License, 20 Publish interval, 59
LocalizedText, 68 Publishing intervals, 107
M R
Max. lifetime interval (LifeTime Count), 107 Read
Max. monitored items queue size (Subscription method, 78
Queue size), 107 Rejected certificates
Max. number of users, 107 deleting, 34
Maximum samples / second, 107 trusting, 34
Method Renewing
Close, 78 Server certificates, 29
CopyFileFromServer, 83
CopyFileToServer, 83
CreateDirectory, 77 S
CreateFile, 77
Sampling interval, 59
Delete, 77
Sampling intervals, 107
GetPosition, 78
Security settings, 10
MoveOrCopy, 77
Select
OpenCount, 78
Status code, 86
Read, 78
Server certificates
SetPosition, 78
exporting, 30
Size, 78
renewing, 29
UserWritable, 78
Session timeout, 107
Writable, 78
SetPosition
Write, 78
method, 78
Min. publishing interval, 107
SINUMERIK
Min. sampling interval, 107
supported languages, 69
Monitored items, 59
SINUMERIK 828D, 11
MoveOrCopy
SINUMERIK 840D sl, 11
method, 77
SINUMERIK OPC UA server, 9
SINUMERIK systems, 11
Size
N method, 78
Number of sessions, 107 Supported Languages
Number of subscriptions, 107 SINUMERIK, 69
O T
OPC UA standard, 9 Thin Client, 11
Open Trusted certificates
method, 78 deleting, 32
OpenCount importing, 32
method, 78 Trusting
rejected certificates, 34

Index
U
UaExpert client, 71
User administration, 10
UserWritable
method, 78
V
Variable paths, 50
W
Writable
method, 78
Write
method, 78

Index


840Dsl 828D OPCUA Config Man 1218 en-US

Uploaded by

Copyright:

Available Formats

840Dsl 828D OPCUA Config Man 1218 en-US

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

840Dsl 828D OPCUA Config Man 1218 en-US

Uploaded by

Copyright:

Available Formats

Preface

Update of OPC UA server 7

Exceptions: 828D / V4.5 9

OPC UA server Version 2.2

Siemens AG Document order number: 6FC5397-1DP41-0BA2 Copyright © Siemens AG 2017 - 2018.

SINUMERIK Access MyMachine / OPC UA

Note regarding the General Data Protection Regulation

Note regarding the General Data Protection Regulation

SINUMERIK Access MyMachine / OPC UA

SINUMERIK Access MyMachine / OPC UA

5.3.1 Variable paths for NC access operations...............................................................................50

SINUMERIK Access MyMachine / OPC UA

7.3 Installation of OPC UA server..............................................................................................105

SINUMERIK Access MyMachine / OPC UA

SINUMERIK Access MyMachine / OPC UA

Uniform standard for data exchange

1.1.1 SINUMERIK OPC UA server

SINUMERIK Access MyMachine / OPC UA

SINUMERIK Access MyMachine / OPC UA

1.3 System setup

Accessibility of the server

6,180(5,.'VO 6,180(5,.'VO 6,180(5,.'VO 6,180(5,.'

Figure 1-1 Application scenario

SINUMERIK Access MyMachine / OPC UA

1.4 Compatibility of OPC UA server version and CNC software versions

CNC software version OPC UA version Test results

*) Cleanup of OPC UA folders (opcua/cfg, opcua/user) may be necessary.

SINUMERIK Access MyMachine / OPC UA

1.5 Reference to OPC UA specification

SINUMERIK Access MyMachine / OPC UA

SINUMERIK Access MyMachine / OPC UA

2.1.1 General safety instructions

2.1.2 Warranty and liability for application examples

SINUMERIK Access MyMachine / OPC UA

2.1.3 Industrial security

Further information is provided on the Internet:

SINUMERIK Access MyMachine / OPC UA

SINUMERIK Access MyMachine / OPC UA

2.2 OPC UA security notes

SINUMERIK Access MyMachine / OPC UA

SINUMERIK Access MyMachine / OPC UA

3.2 Option OPC UA

Setting the option

Figure 3-1 Setting the option

SINUMERIK Access MyMachine / OPC UA

Checking the HMI time

Executing the OPC UA configuration dialog

2. Press the "OPC UA" softkey.

SINUMERIK Access MyMachine / OPC UA

Figure 3-2 Settings of OPC UA server (with changes)

SINUMERIK Access MyMachine / OPC UA

Group Setting Description

SINUMERIK Access MyMachine / OPC UA

SINUMERIK Access MyMachine / OPC UA

Figure 3-3 Security message for opening the TCP port

SINUMERIK Access MyMachine / OPC UA

3.4 Certificate handling

SINUMERIK Access MyMachine / OPC UA

Figure 3-4 Softkey Certificates

SINUMERIK Access MyMachine / OPC UA

6,180(5,.'VO 6,180(5,.'VO 6,180(5,.'VO 6,180(5,.'